Risk Assessment

Equal Opportunity Statement

Kairos Vision Consult, LLC maintains a work and educational environment free from discrimination, one where employees and students are treated with dignity and respect. All employees share in the responsibility for fulfilling our commitment to equal employment opportunity. Kairos Vision Consult, LLC does not discriminate against any employee or applicant on the basis of age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances. We adhere to these principles in all aspects of employment, recruitment, hiring, training, courses, compensation, promotion, benefits, online interactions, and discipline. In addition, this policy extends in adherence and compliance to our visitors and students.

Services

Why Carry Out A Cyber Security Risk Assessment?

Risk assessment – the process of identifying, analyzing, and evaluating risk – is the only way to ensure that the cybersecurity controls you choose are appropriate to the risks your organization faces. Risk Assessment helps your organization understand risks that could cause significant damages to your organization.

What Does A Kairos Vision Consult Cyber Security Risk Assessment Include?

A KVC Cyber Security Risk Assessment identifies the various information assets that could be affected by a cyber-attack (such as hardware, systems, laptops, customer data, and intellectual property), and identifies the various risks that could affect those assets.

Kairos Vision Consult performs risk assessment, estimation, and evaluation, followed by the selection of controls to treat the identified risks. It is important to continually monitor and review the risk environment to detect any changes in the context of the organization, and to maintain an overview of the complete risk management process.

ISO 27001 And Cyber Risks

The international standard ISO/IEC 27001:2013 (ISO 27001) provides specifications of best-practice ISMS (information security management system) – a risk-based approach to corporate information security risk management that addresses people, processes, and technology. Clause 6.1.2 of the standard sets out the requirements of the information security risk assessment process.

Organizations must:

Establish and maintain certain information security risk criteria.
Ensure that repeated risk assessments “produce consistent, valid and comparable results”.
Identify “risks associated with the loss of confidentiality, integrity, and availability for information within the scope of the information security management system”, and identify the owners of those risks.
Analyze and evaluate information security risks, according to the criteria established earlier.

By this standard, organizations are required to document and retain information about the information security risk assessment process. This helps to demonstrate that they are in compliance with the ISO requirements.

Cart