Obtaining ‘Rely-able’ Assurances

February 4, 2020

By Jeremy Huval, Chief Compliance Officer

Rely-able Assurances

Understanding the risks faced by your organization and your information supply chain is crucial to any organization’s ongoing operations and market viability. The ability to obtain and provide reliable assurances is vital to making informed risk decisions. Across all industries and geographies, organizations large and small are faced with the challenge of evaluating the many assessment and reporting options available in the market today.

Organizations must be prepared to provide assurances to internal teams, senior management, the Board of Directors, business partners, and customers. The chosen assurance reporting mechanism should convey the degree to which your organization is safeguarding assets and complying with applicable international, federal, and state regulations. A strong information protection and compliance program is an important market differentiator: it is becoming one of the most important deciding factors when discussing potential business relationships, and it helps to grow your organization. Likewise, when you assess potential business relationships, gaining assurances that your data is being adequately safeguarded is crucial.

Considerations

When evaluating the various options for both providing and obtaining assurances, there are several key questions that organizations should ask themselves, including:

  • How do we know if a given approach to assessing and reporting information risk management and compliance is right for us?
  • What criteria should be considered when evaluating a control assessment and reporting option?
  • Is a scoring mechanism for the assurance report provided?
  • Is the third-party assessor/auditor performing the work on this assessment reliable?
  • How do some of the most popular approaches compare when it comes to their overall ‘rely-ability’?

These are just a small sampling of the many important concerns that your organization should keep at the forefront of its decision-making processes. For insights into these vital considerations, see “How Do I Know if an Assurance Report is ‘Rely-able’?”
