Risk assessment is the cornerstone of any organization's information security risk management program. Examination of the physical, technical and administrative controls is not only an imperative in business today but also a non-negotiable regulatory requirement. Best practices for risk assessment have evolved from standards like NIST and ISO 17799/27001, and most firms subscribe to those best practices in their provision of risk assessment services.
The CynergisTek difference lies in the three approaches to risk assessment that we offer:
The Facilitated Risk Assessment is designed specifically as a highly interactive approach to complete a best-practice risk assessment project while providing a learning environment for our client through a series of structured, facilitated tutorials. The goal of this approach is threefold:
The Facilitated Risk Assessment is an exceptional approach for large clients and multi-facility enterprises, which can gather together to participate. It can also be a more economical approach because individual site visits are not required.
The Independent Risk Assessment offers a traditional consulting experience where CynergisTek performs all aspects of a best-practice IT security risk assessment, including administrative and technical review; threat, vulnerability and consequence analysis; regulatory gap analysis; risk profiling; and action plan development.
Risk Assessment IV&V: For organizations that complete risk assessment internally, we offer an independent verification and validation service to review the process employed, the analysis conducted and the plan documented. This independent review adds a further degree of rigor and due diligence to this important effort.