In practical terms, a risk assessment is a thorough look at your workplace to identify situations and processes that may cause harm. After identification is made, you evaluate how likely and severe the risk is, and then decide what measures should be in place to effectively prevent or control the harm from happening.
With Cyber Offense 360 Training, you also receive the InteProIQ Risk Assessment Workbook. This resource is fully customizable to your business and supports Written Information Security Program (WISP) compliance. You can utilize the Risk Assessment Workbook or merge it into your existing structure with confidence that the protocols were developed and written specifically for small and medium-sized businesses.
Written Information Security Program (more commonly referred to as a WISP) is the foundation supporting information security standards. Research supports that by consistently demonstrating an ongoing information security standards program the risk of a data breach is significantly reduced.
5 Requirements of a WISP
- Training: verifiable and on-going information security training
- Risk Assessment: on-going reassessments
- Written Policies: updated and maintained
- Designate employee as WISP coordinator
- Service Provider/Supply Chain: contractually required to maintain a WISP