Do you know your organization’s information security risks, and how to minimize those risks? Through A-LIGN’s risk assessment services, our team will identify and rank the risks within your organization so that your leadership can sleep at night knowing that the risks are being managed.
A-LIGN can help you manage your risk through the following assessment services:
General Risk Assessment
Risk Assessments are used to meet regulatory and contractual requirements, and to enhance your organization’s ability to manage risk. Additionally, compliance requirements such as HIPAA or PCI require risk assessments annually. A-LIGN can help your organization conduct the risk assessment through our 9-step approach based on NIST SP 800-30:
- System Characterization
- Threat Identification
- Vulnerability Identification
- Control Analysis
- Likelihood Determination
- Impact Analysis
- Risk Determination
- Control Recommendations
- Results Documentation
Enterprise-Wide Risk Assessment
For organizations that desire a comprehensive risk assessment offering, A-LIGN offers enterprise-wide risk assessments. In addition to the 9-step process outlined above, A-LIGN implements a four-phased approach:
- Develop an understanding of the environment and processes included in the risk assessment
- Identify key risk exposure based on the company profile
- Conduct risk assessment
- Evaluate risk assessment results with senior management to develop risk mitigation strategy
Upon completion of the risk assessment, A-LIGN will provide a Risk Assessment Report, which provides an in-depth analysis of the assessment performed, as well as a detailed risk matrix.
Rest easy knowing your risks are being effectively managed.
Why choose A-LIGN for your organization’s risk assessment?
- Receive a robust, customized assessment based on your organization’s unique risks
- Understand and manage the risk profile of your organization
- Meet the risk assessment requirements of published information security standards