What is Risk Management?

by Sarah Harvey / October 11th, 2017

Why is Risk Management Important to Business? Humans are constantly considering risk, even when we don’t realize it. Risk management is our response to the possibility of suffering harm or something going wrong…and things go wrong all the time! Car accidents, stolen wallets, unexpected bad weather, burnt dinners. The list could go on and on. We are programmed to manage risk. So, how does risk management translate into business? We…

How a Risk Assessment Can Save Your Business

by Sarah Harvey / October 6th, 2017

A risk assessment is a critical component of any organization’s infrastructure as they help to create an awareness of risk. In today’s threat landscape, specifically relating to cybersecurity, it’s more important than ever to know where your assets live, fully understand the controls in place to protect those assets, and to test the efficiency of those controls. When trying to understand why it is important to complete a risk assessment,…

Man working on computer

Shark in Water: 5 Things to Avoid a Costly Data Breach

by Sarah Harvey / July 21st, 2017

Is your organization swimming in information security concerns? Recent and startling new malicious attacks are causing organizations to re-think everything we know about our security posture – from breach prevention to response. Organizations are beginning to shift their focus on security when they have realized that sometimes, compliance isn’t enough. With this “shark in water” reality, here are 5 things your organization should be doing to avoid a data breach.…

Using your HIPAA Risk Analysis

by Sarah Harvey / April 13th, 2017

Congratulations! You’ve completed your initial comprehensive HIPAA risk analysis, no easy task. You’ve gone through the process and planned for and scoped your environment. You’ve identified your risks, threats, and vulnerabilities, and all of the associated requirements necessary to conduct and complete a HIPAA risk analysis. So, now what? Let’s focus on five important steps for using your HIPAA risk analysis; Internal Reporting, Management Responsibilities, Corrective Action, Monitoring, and Auditing.…

Using Your Risk Analysis

by Sarah Harvey / April 5th, 2017

What To Do With Your Completed Risk Analysis Completing a comprehensive HIPAA risk analysis is a big achievement and puts you in rare company…but you’re not done yet. Once you've completed your HIPAA risk analysis, your organization should be asking: What are we doing to do with this risk? Has management reviewed this and agreed? How can we use this information to improve? A mature risk management program doesn’t ask,…