
Providing Strong Foundations for Risk-Management Decisions

Running a secure network means making good decisions. And to make sound decisions in a world of constantly emerging threats, you need to conduct regular security risk assessments. LBMC Security & Risk Services designs its security risk assessments to arm your organization with the information it needs to fully understand your risks and compliance obligations.

Efficient Compliance With Multiple Frameworks

With the explosion of information security regulations, especially in the healthcare arena, organizations can easily comply themselves out of business. Achieving a successful balance requires an integrated compliance approach. Our team members draw on extensive experience and credentials to perform a single information security risk assessment that covers compliance with multiple frameworks and standards, such as:

  • National Institute of Standards and Technology (NIST) SP 800-53 and SP 800-66
  • HIPAA Security Rule Risk Management Standard
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Health Information Trust Alliance (HITRUST) Common Security Framework
  • Centers for Medicare & Medicaid Services (CMS) Acceptable Risk Safeguards
  • Section 404 of the Sarbanes-Oxley Act

Preferred and endorsed by many state hospital associations as a provider of information security risk assessments, LBMC provides the independent, objective perspective on your control environment that you need to comply with all of these standards and to give your stakeholders peace of mind.

People, Process, Technology

Our extensive team includes individuals who are skilled at evaluating all three pillars of security: people, process and technology. Our policy and process specialists perform thorough interviews and document reviews, while our technical analysts take a close look under the hood of your network. The result is a thorough and comprehensive analysis of the current state of security in your organization and a clear picture of your security posture. Our security risk assessment approach involves the following phases:

  • Interviews with key personnel who perform, administer or oversee IT security and privacy functions, as well as other line of business owners.
  • Review of documentation, including information security policies, processes, IT systems, logs and training materials, which we compare to leading practices outlined in relevant regulations.
  • Vulnerability assessments. We perform a variety of automated and manual assessments of your information security system to identify areas that could pose threats to your company.
  • Preparation of a current state assessment report, comparing the results of the first three phases to the relevant security framework(s).
  • Delivery of your Compliance Scorecard. At the conclusion of each risk assessment, LBMC prepares a compliance scorecard and dashboard that highlights your organization’s progress toward compliance with each of its regulatory obligations and the specified security frameworks. This document presents the information in a manner that is easily digested by business executives while also providing the details that those with security and compliance responsibilities will need to remediate any weaknesses.


Contact Us

To learn more about our in-depth penetration testing services, contact us or call 1-844-526-2732.
