|
The Threat Vulnerability Assessment Tool is one component of a series of
HandiGuide ®
Tools that are used to
assess threats and vulnerabilities associated with both physical and electronic locations. This process
is mandated by Sarbanes Oxley and has been used by scores of
our clients. Included in the tool is a detail work plan for managing the
Threat & Vulnerability Assessment Process.
Sarbanes Oxley compliance requires enterprises to conduct a risk
vulnerability and threat vulnerability assessment. The process
concludes with a security vulnerability assessment.
A 3 page questionnaire should be completed for each physical
location of the enterprise and for each business application and the
location that the application/process is used. Sections of the
Questionnaire Tool
include the following:
-
Demographics of
each physical location,
-
Access to each
facility at each physical location,
-
Environmental
factors associated with each physical location,
-
IT and business
process at each facility,
-
A risk ranking
matrix with a scoring mechanism that looks at:
The tool comes in PDF, EXCEL
(2003 and 2007), and WORD (2003 and 2007) formats that can be
used directly, modified, or both.
|
