top of page

RISK ASSESSMENT CASE STUDY

“Knox has delivered sound education to the finanical community around their responsibilities ” – Investment Group

 

"Understanding our risks have helped us make better decisions _Customer's Privacy Officer

 

Challenge

 

Many companies in all industries are struggling with the difficult challenge of meeting regulatory standards. However, before any regulatory mandate can be followed, firms must have a solid awareness as to where their risks reside inside their organization. A risk can be internal, external, technology related or non-technology related. In addition to risk identification, firms must also have a cost associated with each reach and the cost of remediation.

 

Knox has brought many organizations to this reality in identifying their risk before any plan to resolve is executed. 

 

Execution

 

Knox carefully meets with the leaders of each department to understand their business process from a technical and non-technical perspective. Some of the departments consisted of the application, finance, human resources, Board, marketing and legal teams. After carefully understanding the operations and how each department contributes to the business objective, Knox was able to align their risks with compliance standards while identifying frameworks to achieve those requirements.

 

Laying the security roadmap is paramount for the organization to move ahead as Knox believes that a risk assessment is only useful if a plan to remediate is strategized thereafter. 

 

Conclusion

While there is never a conclusion for information security and security must evolve throughout the lifetime of the business, we can say the client has seen more business through a sound security protocol. In today's environment, larger firms want to vet information security as part of the sales process and if the security is not up to standards, you will loose the opportunity to do business with medium to larger firms.

 

Quote, (2013). S. Patterson: 

Once the client realizes the power of security and all the ways it can help the business, the clients actually become the biggest advocate and internal regulator to ensure all employees are following said standards. 

bottom of page