top of page

05 Controls Management

Risk Cypher will support the development of an integrated Technology Controls Management program as needed and directed by the client.

05 Controls Management

Risk Cypher will maintain the availability of resources for the performance of the following activities:

● Design and implement an enterprise-wide IT Controls Management lifecycle program, including the process of creating, updating, reviewing, and approving controls
● Update existing controls listing to align with desired frameworks
● Identify control attributes and define which are required vs. optional
● Create a methodology for the identification of key controls and establish key controls library

Deliverables

In support of the objectives described above, Risk Cypher will also have responsibility for the following deliverables:

● Performance of a gap analysis on existing risks and controls to relevant organizational and regulatory frameworks (NIST CSF / 500-83, GLBA, NIST RMF)
● Development and communication of a consolidated and consistent controls library
● Development of a Controls Library to be imported within a module of the target GRC platform
● Develop a control testing program (ToD, ToE) as aligned with the ongoing IT RCSA program
● Develop centralized control effectiveness reporting program (including procedure) as aligned with the overall IT Risk & Security Reporting program

bgf.jpg
Logo B ( PNG File) copy 2.png
  • Linkedin
strip233_edited.png

OUR MISSION

EXPLORE

DO YOU HAVE QUESTIONS?

We help businesses make data-driven risk management decisions while driving a fun team environment to minimize risk and maximize success. ​

All © Copyrights Reserved 2023 RiskCypher

Risk Cypher
1048 Irvine Ave, # 836
Newport Beach, CA, 92660-4602
United States

bottom of page