Development of security risk assessment procedure based on HITRUST security framework
Risk Assessment is an integral part of organizational practice to assess the levels of security in business operations, IT infrastructure and information systems. It helps to protect critical data, identify security flaws, and ensures that appropriate policies and procedures have been implemented an...
Saved in:
| Main Author: | |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Animo Repository
2022
|
| Subjects: | |
| Online Access: | https://animorepository.dlsu.edu.ph/etdm_comtech/11 https://animorepository.dlsu.edu.ph/cgi/viewcontent.cgi?article=1015&context=etdm_comtech |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | De La Salle University |
| Language: | English |
| Summary: | Risk Assessment is an integral part of organizational practice to assess the levels of security in business operations, IT infrastructure and information systems. It helps to protect critical data, identify security flaws, and ensures that appropriate policies and procedures have been implemented and working effectively. This study aims to develop an Information Security Risk Assessment procedure based on HITRUST Security Framework that will help internal risk assessors to increase efficiency in performing risk assessment and guide the business personnel to understand the requirement of this framework. HITRUST is a widely adopted security framework that provides comprehensive risk management and compliance program that can help to identify, assess, and mitigate potential risk in the organization. Compliance to this framework is important to prove that organization is committed in upholding the highest level of data protection to its customers while noncompliance can lead to productivity losses, business disruption and imposition of hefty fines, and penalties.
Keywords: Information Security, Risk Assessment, Security Framework, HITRUST |
|---|