Risk Assessment

We help you better understand and manage risks associated with the use of new and existing technology applications, projects, vendors, or solutions.

Through this service, we assess the risks associated with your initiatives and identify opportunities to effectively manage those risks. This service focuses on:

  • Data loss and data breach
  • Loss of system/data availability and integrity
  • Regulatory compliance
  • Health Insurance Portability and Accountability Act (HIPAA) and Meaningful Use (MU)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Sarbanes-Oxley Act (SOX)
  • Impacts of new systems to our regulatory compliance and technology environments
  • Vendors providing technology or services to KP and accessing KP sensitive data
  • Other KP privacy, security, and compliance requirements, such as national KP policies, the Solution Delivery Life Cycle, etc.

What you can expect:

  • Your technology risk consultant will provide a single point of contact to guide you through our risk assessment process
  • Access to risk, security, and compliance subject matter experts
  • An integrated assessment plan that provides greater efficiencies in scoping and conducting assessments
  • Periodic status updates and monitoring of the integrated assessment plan
  • Recommendations to manage your technology risks
  • Coordination across multiple risk disciplines to address the complex and varied nature of today’s technology solutions

 

Resources

Back to top

Getting Started

You have two ways to request a consultation:


Related TRO Service

This service includes support for addressing control gaps identified from assessments or audits. See Advisory & Consultation – Risk Response & Exception Support for more details.