By Jeremy Huval, Chief Compliance Officer
Understanding the risks faced by your organization and your information supply chain is crucial to any organization’s ongoing operations and market viability. The ability to obtain and provide reliable assurances is vital to making informed risk decisions. Across all industries and geographies, organizations large and small are faced with the challenge of evaluating the many assessment and reporting options available in the market today.
Organizations must be prepared to provide assurances to internal teams, senior management, the Board of Directors, business partners, and customers. The chosen assurance reporting mechanism should convey the degree to which your organization is safeguarding assets and complying with applicable international, federal, and state regulations. A strong information protection and compliance program is an important market differentiator, becoming one of the most important deciding factors when discussing potential business relationships and helping to grow your organization. Also, when assessing potential business relationships, gaining assurances that your data is being adequately safeguarded is crucial.
When evaluating the various options for both providing and obtaining assurances there are several key questions which organizations should ask themselves, including:
- How do we know if a given approach to assessing and reporting information risk management and compliance is right for us?
- What criteria should be considered when evaluating a control assessment and reporting option?
- Is a scoring mechanism for the assurance report provided?
- Is the third-party assessor/auditor performing the work on this assessment reliable?
- How do some of the most popular approaches compare when it comes to their overall ‘rely-ability’?
These are just a small sampling of the many important concerns which your organization should be keeping at the forefront of its decision-making processes. For insights into these vital considerations, see How Do I Know if an Assurance Report is ‘Rely-able’?
You may be interested
Improving the Throughput and Transparency of the HITRUST Assurance Program: February 2020 UpdateLacy Deatrich - Feb 21, 2020
By Bimal Sheth, Vice President of Assurance Services Welcome back for the February update in our series on Improving the…
International Data Privacy Day Underscores Worldwide Focus on Protecting Consumer DataLacy Deatrich - Jan 29, 2020
By Anne Kimbol, Chief Privacy Officer Recognized by international organizations, the January 28 Data Privacy Day is meant to raise…
Improving the Throughput and Transparency of the HITRUST Assurance Program: December 2019 UpdateLacy Deatrich - Dec 19, 2019
By Bimal Sheth, Vice President of Assurance Services For those of you who joined the webinar on November 20th, Improving…