Gap Analysis and Management - Continuity Professionals Pulse

Operational Resilience Self-Assessment: Achieving the March 2022 Deadline

Castellan

NOVEMBER 29, 2021

In terms of self-assessment, regulators do not expect firms to build out a full operational resilience capability ; instead, they are looking for a gap analysis. So, by 31 March 2022, I would expect that you will be able to set out a compelling gap analysis. Who will develop and manage the capabilities?

Resilience

Resilience Gap Analysis Authorization Business Services

Audit Checklist for SOC 2

Reciprocity

DECEMBER 21, 2022

SOC 2 is a set of standards developed by the American Institute of CPAs (AICPA) for managing client data based on five “trust service principles”: security, availability, processing integrity, confidentiality, and privacy. Providers of corporate intelligence, analytics, and management services. Change management.

Audit

Audit Gap Analysis Security Cybersecurity

ISO 27001 Certification Requirements & Standards

Reciprocity

DECEMBER 21, 2022

Deciphering the various numbers can be confusing at first, but each standard is numbered and deals with a specific facet of managing your company’s information security risk management efforts. The 27001 standard provides requirements for businesses to implement and operate an Information Security Management System, or ISMS.

Audit

Audit Accreditation Gap Analysis All-Hazards

The Most Overlooked Security Issues Facing the Financial Services

Solutions Review

SEPTEMBER 8, 2023

Please note: usually when the initial gap analysis is done (remember step 1), you end up with a long list of deviations. Ongoing risk management Storage and backup security demands active, ongoing risk management. Implementation With knowledge accrued and threats defined, the rubber needs to meet the road.

Financial Services

Financial Services Security Backup Audit

Preparation Continues for the Digital Operational Resilience Act

Fusion Risk Management

JANUARY 5, 2023

The old way of managing risk and resilience programs is no longer effective or efficient, and regulators have taken note. Risk Management. To meet the DORA’s standards, firms must update their technology risk management governance. Supply Chain Management and Third-Party Risk. The 5 Pillars of the DORA.

Resilience

Resilience Financial Services Audit Outsourcing

Customer Insights 2023: Fusion’s March Community Exchange Round Up

Fusion Risk Management

APRIL 27, 2023

Third-Party Risk Management Understanding which third parties play a critical role in your ability to deliver products or services is crucial so that you can prioritize efforts and mitigate issues as they arise. During this Community Exchange session, Fusion’s product experts dove into our Communities functionality.

Risk Management

Risk Management Gap Analysis Resilience Mitigation

The Digital Operational Resilience Act is Finalized – Now is the Time to Act

Fusion Risk Management

AUGUST 18, 2022

The DORA is landmark legislation that is the first of its kind that focuses on how regulated entities manage their ICT risk. Leverage a gap analysis to understand where your organization can strengthen current processes or add new ones to meet the range of proposed requirements for your ICT risk management framework. .

Resilience

Resilience Authorization Gap Analysis Risk Management

5 Steps To Developing A Corporate Compliance Program

Reciprocity

DECEMBER 19, 2022

Although corporate compliance can feel overwhelming at first, corporate compliance programs offer a sound foundation for business strategy and risk management. Effective compliance requires the support of senior management. The larger your organization grows, the more regulations and compliance burdens you encounter.

Audit

Audit All-Hazards Gap Analysis Healthcare

The 5 Golden Rules of When Business Continuity Software Goes Bad

Plan B Consulting

AUGUST 22, 2022

We use Castellan to manage our own ISO 22301 certification. Business continuity software usually has additional functionality so that you can model data, see recovery critical paths, do gap analysis against existing application RTOs and RPOs, and compare them against the organisation requested RTOs and RPOs.

Business Continuity

Business Continuity Gap Analysis Consulting Activation

The 5 Golden Rules of When Business Continuity Software Goes Bad

Plan B Consulting

AUGUST 22, 2022

We use Castellan to manage our own ISO 22301 certification. Business continuity software usually has additional functionality so that you can model data, see recovery critical paths, do gap analysis against existing application RTOs and RPOs, and compare them against the organisation requested RTOs and RPOs.

Business Continuity

Business Continuity Gap Analysis Consulting Activation

‘Third Generation Business Continuity’

Plan B Consulting

FEBRUARY 2, 2018

This week I travelled to London to attend a meeting with a new client who we are conducting a gap analysis for, based on their present level of business continuity. All parts of the lifecycle were there, there were checklists galore, detailed analysis in the BIA and a good robust framework for the on-going management of BC.

Business Continuity

Business Continuity Audit Gap Analysis Travel

‘Third Generation Business Continuity’

Plan B Consulting

FEBRUARY 2, 2018

This week I travelled to London to attend a meeting with a new client who we are conducting a gap analysis for, based on their present level of business continuity. All parts of the lifecycle were there, there were checklists galore, detailed analysis in the BIA and a good robust framework for the on-going management of BC.

Business Continuity

Business Continuity Audit Gap Analysis Travel

Selling Business Continuity to the C-Suite: Don’t!

Plan B Consulting

JUNE 7, 2016

This bulletin week Charlie talks about the importance of senior manager buy-in within business continuity. If business continuity is such an easy sell, why is selling business continuity to senior managers even an issue? Use the information from your BIA to make senior managers aware of the impact of an incident occurring.

Business Continuity

Business Continuity Gap Analysis BCM Consulting

Selling Business Continuity to the C-Suite: Don’t!

Plan B Consulting

JUNE 7, 2016

This bulletin week Charlie talks about the importance of senior manager buy-in within business continuity. If business continuity is such an easy sell, why is selling business continuity to senior managers even an issue? Use the information from your BIA to make senior managers aware of the impact of an incident occurring.

Business Continuity

Business Continuity Gap Analysis BCM Consulting

The 5 Golden Rules of When Business Continuity Software Goes Bad

Plan B Consulting

AUGUST 22, 2022

We use Castellan to manage our own ISO 22301 certification. Business continuity software usually has additional functionality so that you can model data, see recovery critical paths, do gap analysis against existing application RTOs and RPOs, and compare them against the organisation requested RTOs and RPOs.

Business Continuity

Business Continuity Gap Analysis Consulting Activation

RTO vs. RPO: What’s the Difference and How are They Used?

Castellan

AUGUST 18, 2021

According to the Federal Emergency Management Agency (FEMA), about 25% of businesses do not re-open after disasters. Email application: 4 hours Finance systems and services: 1-2 days Customer Relationship Management System (CRM): 1 day. However, here are some RTO examples. What would these same RTOs look like for your organization?

Disaster Recovery

Disaster Recovery Backup Business Continuity Gap Analysis

ISO 27001 Requirements Checklist: Steps and Tips for Implementation

Reciprocity

OCTOBER 1, 2022

The ISO 27001 standard for management of information systems helps organizations of any size to manage the security of data assets such as employee information, financial information, intellectual property, and third-party information. 8 – Asset Management. 16 – Information Security Incident Management.

Gap Analysis

Gap Analysis Audit Security Asset Management

5 Steps towards an Actionable Risk Appetite

LogisManager

JANUARY 12, 2023

Risk appetite is a higher-level statement that considers the broad levels of risk that management deems acceptable. For a risk appetite, management has decided it is willing to accept small losses in 15% of investments it has deemed ‘risky.’ Risk Appetite vs. Risk Tolerance. From here, we can move on to an associated tolerance range.

Acceptable Risk

Acceptable Risk Strategic Activation Mitigation

Choosing a Governance Risk and Compliance Tool: Constant Vigilance

Reciprocity

DECEMBER 27, 2022

Managing all your governance, risk, and compliance (GRC) needs is no easy task. GRC is an integrated approach to managing the organization’s governance, IT and security risks, and regulatory compliance functions. The three pillars of a GRC program are governance, risk management, and compliance. Risk Management.

Government

Government Audit Risk Management Disaster Recovery

The SEPA Cyber Attack a Case Study

Plan B Consulting

JANUARY 18, 2021

Providing contradictory information in an incident is poor incident management, and within the same website, plays into a narrative of poor communications. Those of you who have yet to prepare your organisation for managing an incident and put in place the basics now is the time to do so.

Communications

Communications Media Government Publishing

The SEPA Cyber Attack a Case Study

Plan B Consulting

JANUARY 18, 2021

Providing contradictory information in an incident is poor incident management, and within the same website, plays into a narrative of poor communications. Those of you who have yet to prepare your organisation for managing an incident and put in place the basics now is the time to do so. For more information click here.

Communications

Communications Media Government Publishing

Continuity Professionals Pulse

Operational Resilience Self-Assessment: Achieving the March 2022 Deadline

Audit Checklist for SOC 2

Trending Sources

ISO 27001 Certification Requirements & Standards

The Most Overlooked Security Issues Facing the Financial Services

Preparation Continues for the Digital Operational Resilience Act

Customer Insights 2023: Fusion’s March Community Exchange Round Up

The Digital Operational Resilience Act is Finalized – Now is the Time to Act

5 Steps To Developing A Corporate Compliance Program

The 5 Golden Rules of When Business Continuity Software Goes Bad

The 5 Golden Rules of When Business Continuity Software Goes Bad

‘Third Generation Business Continuity’

‘Third Generation Business Continuity’

Selling Business Continuity to the C-Suite: Don’t!

Selling Business Continuity to the C-Suite: Don’t!

The 5 Golden Rules of When Business Continuity Software Goes Bad

RTO vs. RPO: What’s the Difference and How are They Used?

ISO 27001 Requirements Checklist: Steps and Tips for Implementation

5 Steps towards an Actionable Risk Appetite

Choosing a Governance Risk and Compliance Tool: Constant Vigilance

The SEPA Cyber Attack a Case Study

The SEPA Cyber Attack a Case Study

Stay Connected