Perform online risk assessments. Implement proper safeguards. Evaluate compliance.
The increased frequency of security incidents has resulted in new legislation at both the federal and state levels. Fundamental to meeting these regulations, including the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA) and California SB1386, are regularly-scheduled risk assessments.
Whether you are in a regulated industry, government agency or simply an organization seeking to benchmark against widely-accepted best practices, you will need to conduct regular, recurring information risk assessments as part of your security management program. Because risk assessment methodologies are often viewed as complex and cumbersome, many organizations have relied on external firms to perform these activities on a contract basis. Unfortunately, it can be expensive to engage a third-party assessment team, and more importantly, it is unlikely that they will understand your business well enough to yield a meaningful result.
TraceSecurity's Risk Manager takes a close look at your safeguards, vulnerabilities, threats, asset information and loss expectancies. It assists in the analysis process and enables you to assess those focus areas to determine your overall risk.
Key Features
- • Web-based; always available, on-demand
- • Automates the risk assessment process
- • Based upon industry standard risk assessment approaches including
- OCTAVE and NIST
- • Built-on robust framework of threats, assets and safeguards
- • Fifteen unique threat types
- • Over 100 security controls
- • Predefined asset information
- • Predefined severity levels for threats, safeguards and vulnerabilities
- • Fully customizable threats, assets and safeguard parameters
- • Detailed reporting capabilities including charts and graphs
- • Built to scale
- • Multi-user access
- • Integrated regulation information to aid in compliance
- • Continuously updated with new threats and expanded safeguards
