Risk Assessment
We help you better understand and manage risks associated with the use of new and existing technology applications, projects, vendors, or solutions.
Through this service, we assess the risks associated with your initiatives and identify opportunities to effectively manage those risks. This service focuses on:
- Data loss and data breach
- Loss of system/data availability and integrity
- Regulatory compliance
- Health Insurance Portability and Accountability Act (HIPAA) and Meaningful Use (MU)
- Payment Card Industry Data Security Standard (PCI DSS)
- Sarbanes-Oxley Act (SOX)
- Impacts of new systems to our regulatory compliance and technology environments
- Vendors providing technology or services to KP and accessing KP sensitive data
- Other KP privacy, security, and compliance requirements, such as national KP policies, the Solution Delivery Life Cycle, etc.
What you can expect:
- Your technology risk consultant will provide a single point of contact to guide you through our risk assessment process
- Access to risk, security, and compliance subject matter experts
- An integrated assessment plan that provides greater efficiencies in scoping and conducting assessments
- Periodic status updates and monitoring of the integrated assessment plan
- Recommendations to manage your technology risks
- Coordination across multiple risk disciplines to address the complex and varied nature of today’s technology solutions
Resources
Getting Started
You have two ways to request a consultation:
- Directly connect with your technology risk consultant.
- Fill out our TRO engagement request form.
Related TRO Service
This service includes support for addressing control gaps identified from assessments or audits. See Advisory & Consultation – Risk Response & Exception Support for more details.
