|
assess...educate...advise
|
Pre-Exam Readiness:
the key to a succesful exam
R.I.S.C. has seen too many institutions scramble at the last minute to prepare for a regulatory exam only to wind up receiving an MoU, DoR or secondary findings because they were unable to produce the documentation that the examiners were looking for. In many cases, these same institutions had most or all of the documentation but simply did not prepare for the exam in a coordinated fashion and just couldn't produce what was required.
"An ounce of prevention is worth a pound of cure" could not be truer when it comes to going through a regulatory exam. R.I.S.C. will hep you coordinate and prepare all the requisite documentation that you will need to produce for your exam. We conduct the following 5 step process:
> Develop project plan
> Assess existing documentation and compare to regulatory requirements
> Generate GAP Analysis
> Develop Action Item Register
> Create Tracking Document
The result is a coordinated plan that includes all components of the information security program completed to date and a clear understanding of what the open items are (if any) with an action item list and schedule for completion. This Pre-Exam Readiness Plan can be used as a tool in an ongoing fashion to prepare for future exams in a coordinated manor utilizing milestones and task ownership.
|
|