Supplier Audits and What You Need to Know

Performing Supplier Audits
If you’re in business with a supplier, you’re going to want to make sure you perform regular audits, as their business practices directly impact yours. Supplier audits are essential to document the relationship between different companies and verify a supplier’s compliance with required processes and [...]

A Closer Look at IT Compliance

Importance of Implementing IT Compliance
With the vast majority of businesses going digital, IT compliance is now more prevalent than ever. With that said, we wanted to utilize this blog post as an opportunity to educate our readers on the hot topic of IT compliance. Read on to [...]

Five Unique Cyber Threats that You may not have Considered

The Downfall of Convenience
The continuous advancement of technology is evergreen because of its advantages like easy access and instant gratification. From being able to shop for groceries from their living room, to having vehicles that drive themselves, consumers are loving the convenience that the cyber world is bringing [...]

Financial Service Risks That Require a Powerful Risk Assessment Platform

Financial Service Risk
Over the last several years, the financial services industry has been hit with scandals and loss. Said scandals have cost financial companies millions of dollars and left them with a not-so-good look. Financial service risks are getting out of hand, so I’m going to [...]

Information Risk: ISO 27001

What is it? ISO 27001 is an international standard that provides a process for an Information Security Management System (ISMS). An ISMS is a framework containing policies and procedures for an organization to follow throughout its information risk management process. Following the process will ensure that any company’s stored [...]

How Consulting Firms Can Provide Better Service at a Lower Cost

Risk consultants are so busy managing risk for other companies that they often don’t realize that they themselves also have risks to face, such as: missing deadlines, misplacing client documents, difficulty scheduling client interviews and more. But overall, the biggest risk here is performance. How can a consulting firm [...]

Top Three Industries that Need an Effective Risk Management Solution

We live in a society where risk is ever present and impossible to avoid, no matter what industry you are in. It is no secret that some industries tend to face higher risk than others; therefore, they must take additional precautions. PCI-DSS, HIPAA, and NERC-CIP-01 all require risk assessments. [...]

Risk Management Process: Security Analysis Methodology in SecureWatch

What is ISO 31000? ISO 31000 is a security analysis methodology, or risk management process, that is used in various risk programs across a range of different industries. It helps standardize the steps you take to evaluate and manage risk, leaving you with a formal and standardized workflow. Why [...]


Using Spreadsheets for Risk Assessments – Why It Is Such a Bad Idea?

Spreadsheets are user-friendly, inexpensive, and easy to use, which are key attributes. However, they fall short in several key areas when used to perform risk assessments and security audits. The temptation for a low-cost quick-fix [...]

A State CSO Reflects on a Breach

Alaska's Health and Social Services CSO Offers Lessons Learned
Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident. The key lesson, [...]

September 16th, 2012 | HIPAA Risk Analysis, Hospital Security, Threat Assessment