secpliance is Illumant’s compliance consulting unit focused on regulatory security requirements and security best practices, including risk analysis, policies and procedures, and compliance readiness

Risk Assessment (RA)

The risk assessment is a top down analysis of an organization's security posture. Leveraging vulnerability data and security information gathered through other assessment components, along with data collected through targeted questionnaires and interviews, Illumant performs a quantitative risk analysis to determine the top threats to information security, biggest vulnerabilities, and largest opportunities for risk reduction through cost-benefit analysis.


Highlights

  • Top down risk assessment
  • Inventory of critical assets
  • Identification and severity of vulnerabilities
  • Enumeration of threats
  • Calculation of risk
  • Risk factors
    • Confidentiality
    • Integrity
    • Availability
  • Cost-benefit analysis of risk remediation efforts

Targets

  • Sensitive data
    • Customer data
    • ePHI
    • Financial info
    • SSNs
    • CCNs
  • Critical systems
    • Servers
    • Applications
    • Databases
    • Laptops
    • Desktops
    • USBs, DVDs, etc

top-down strategic risk assessment asset inventory vulnerability analysis threat model

ePHI SSNs CCNs customer data financial info IP servers applications desktops laptops storage file servers databases sharepoint USBs DVDs

Best-practices HIPAA

Related Services:

    HIPAA/HITECH Security Rule Compliance and Security Risk Assessment ‐ Illumant's HIPAA-C service is a straightforward solution for addressing the compliance and security risk analysis requirements of the HIPAA Security Rule and the HITECH Act, and for addressing a core objective of "Meaningful Use". Illumant leverages a refined model for conducting the required HIPAA security risk analysis, and assesses an organization's safeguards to ascertain compliance with the HIPAA security rule. The assessment includes internal and external technical vulnerability analysis, technical and physical penetration testing, and social engineering. Illumant provides practical remediation advice for addressing gaps and shoring up compliance. {Read more}

    Policies Procedures and Practices Assessment (PPPA) ‐ Ensures that documented IT policies and procedures, and associated practices, are aligned with best-practices and applicable regulatory requirements. The PPPA is a gap analysis and the first place to start towards compliance with best-practices, regulatory requirements, and standards, such as HIPAA, SOC, PCI, CIPv5, NIST, ISO, DFARS, GLBA, SOX, etc. {Read more}

    Perimeter Security Assessment & Penetration Testing (PSA) ‐ Provides assurance that Internet-facing networks and systems are protected from hackers/malware (aka the hacker's perspective). {Read more}

Assessments

Compliance

Security Awareness Training

Other Links

Contact Information

431 Florence Street, Suite 210
Palo Alto California, US
Phone: 650 961 5911
Fax: 650 961 5912
Email: info@illumant.com

Currently in Palo Alto

2006-2024 © Illumant, LLC. All Rights Reserved.