What is a Risk Assessment?
A Risk Assessment is a thorough look at your workplace to identify the items, situations, processes, etc. that may cause harm, particularly to people and/or data. After identification is made, analyzation and evaluation takes place to see how likely and severe the risk is. When this determination is made, we will generate a “Mitigation Plan” to decide what measures should be in place to effectively eliminate or control the harm from happening.
Why is a Risk Assessment important?
Risk assessments are very important as they form an integral part of an occupational health and safety management plan. They help to:
Warning: IT Factor has noted that there are some companies that have been performing Risk Assessments in the El Paso area where companies are given a single page document with checkmarks on them stating everything has passed the assessment. This is not a valid risk assessment as a risk assessment should include all documentation and equals out to about 30 pages of information.
Why Choose Us?
IT Factor has performed 100+ HIPAA and Standard Risk Assessments over the past few years. We understand the terminology that comes with a risk assessment and reviewing a Policy and Procedures manual. Our risk assessments include:
Frequently Asked Questions
How long does this process take?
When performing a risk assessment, we will sit with your security official (Owner or Office Manager) and review our questionnaire form. This process will take around 2 hours of time. Once the questionnaire is complete, we will review all risks and generate a mitigation plan, disaster recovery plan, and perform a penetration test for your network. You will receive all documentation and testing results within 24 hours from the initial meeting.
How often do I need to perform a Risk Assessment?
You should have a risk assessment performed once a year. This is especially true with HIPAA risk assessments so that, if audited, you have documentation about your progress in your mitigation plans to show that you are actively working to solve the issues found from the original assessment.
What should I have at our first meeting for my Risk Assessment?
Please have your Employee Handbook or Policies and Procedures manual available for review. This could also be sent to us in PDF format via e-mail. If you have any prior Risk Assessments or Penetration Tests performed, please have that documentation available as well.