
KCG believes the goal of any information security program is to identify the organization’s risk tolerance and to reduce or minimize risk down to that accepted level. Developing a comprehensive risk assessment program with regularly performed, consistent risk assessments at the enterprise and system level is a critical component of risk management. KCG assists organizations in defining their risk tolerance by identifying the organization’s critical assets and data and developing the damage profile the organization faces should those assets be compromised. KCG assists organizations in developing comprehensive risk assessment programs as required by FISMA and in compliance with NIST Special Publications 800-30 and 800-53. The risk assessment identifies the threats to the system, the likelihood of occurrence, the potential impact, and the security controls required to reduce the risk down to an acceptable level and minimize the damage profile.

The federal government faces critical challenges related to the privacy and protection of consumer, constituent, employee, and partner data. Recent legislation and public demand to protect personally identifiable information (PII) require organizations to place a greater focus on understanding where PII is being stored, processed, and transmitted, and on properly protecting that information from loss or misuse. KCG assists clients with achieving and maintaining compliance with privacy legislation, including OMB and FISMA requirements, and with executing Privacy Impact Assessments on information systems.

KCG service offerings in Risk and Privacy Assessments include:
  • Developing comprehensive risk assessment programs and processes compliant with NIST guidelines
  • Executing enterprise and system level risk assessments compliant with NIST SP 800-30 and SP 800-53
  • Executing Privacy Impact Assessments
  • Achieving and maintaining compliance with federal laws and regulations involving PII
  • Developing and maintaining enterprise schedules for PIAs and maintaining centralized inventories of assessment results