Information Risks

Assessment for Information Risks®

POWERFUL INSIGHTS for PRIVACY and LITIGATION READINESS

Schedule a Demo   Fact Sheet

ASSESSMENT FOR INFORMATION RISKS®

The Assessment for Information Risks® is a tightly-structured professional service that enables companies to rapidly and accurately gain deep insights into all aspects of data and records management practices.

The world-class surveys and highly efficient service delivery model enable scores of actionable insights to be accurately generated in less than a month:

  • Full data inventories and privacy data maps for litigation and privacy readiness
  • Retention benchmarking against industry-specific requirements and standards
  • Insights into email usage, sensitive content and retention practices
  • A path towards better litigation readiness that covers data and email minimization, hold management, program defensibility gaps and more
  • Cyber gaps due to employee practices and compliance levels
  • Cyber gaps due to current levels of third-party diligence and sufficiency

HIGHLY EFFECTIVE

The underlying web-based service technology and best practice questions sets make the process fast, easy and highly accurate.  Projects are completed in an average of 30 days.

Specific surveys are directed to internal subject matter experts regarding a range of current information privacy and governance practices.  Unlimited department managers provide deep insights into current practices and profiling for every record type and application used within their areas.

The workflow is entirely supported by Jordan Lawrence.  The results are predictable and invaluable for identifying risks and opportunities for mitigating or eliminating some of the most costly situations facing companies today.

BETTER DEFENSIBILITY

Our work process is tightly structured to ensure consistent insights to map against benchmarking standards for risk identification and reduction.  Our question sets and survey standards are based on more than 1,000 client projects over the past decade, which we’ve adapted and enhanced with the world’s leading cybersecurity frameworks and models.  We have created what we believe are the most effective and defensible surveys available.  The three distinct groups of survey standards are:

The Subject Matter Expert standards that build directly off our extensive client experience, the NIST Cybersecurity Framework, NIST SP 800-171, as well as the intentions of the EU GDPR and U.S. privacy and cybersecurity regulations.
The Department Manager Overview standard that provides deep insights into the information handling, training and other aspects of how data and records are being controlled within each department.
The Record Type & Application Profiling standard that enables departmental participants to provide deep “valuation” and “sensitivity” insights into each record type and application used within their area.  Nearly 100 insights are collected for each and include topics covering retention, media usage (including email), sensitive content elements (employee, customer and corporate data), movement and storage (authorized and unauthorized) and dozens of others.

ACTIONABLE REPORTING

In less than a month, we deliver dozens of invaluable, detailed reports based directly on interrelated insights provided by your participants.  Reporting covers critical information risk areas including:

  • Executive Highlights Report of the findings and recommendations for the most pressing issues at your company.
  • Information Privacy reports on the interrelated issues around over-retention of sensitive content, unauthorized movement and storage of data, employee practices in information handling, third-party diligence and other topics.
  • Litigation Readiness reports covering opportunities to reduce risks by eliminating unnecessary email and other records, hold management processes, and establishing better and more enforced records management standards.
  • Information Governance reports that outline simple and effective steps you can take to dramatically and appropriately eliminate unneeded email and records, establish a consistent and compliance-centric enforcement pattern with employees, and direction on retention rules that are proven, applicable and more defensible than other alternative approaches.

LITIGATION READINESS

Detailed discovery datamaps help meet FRCP requirements and provide insights into hold management and program gaps.

DATA MINIMIZATION

Special reporting on processes and next steps for defensible disposal of email, paper and other legacy information.

INFORMATION PRIVACY

Specialized reporting on current handling practices tied to corporate, employee and customer data.

VENDOR DILIGENCE FRAMEWORK

Insights for minimizing the three primary risk groups in third-party diligence more effectively and defensibly.

HUMAN FACTORS FRAMEWORK

Clarifying insights into current risk factors that originate from internal employee information-handling behaviors.

SPEED & ACCURACY

Tightly-structured processes and best-practice standards make projects fast, accurate and efficient.

FOR MORE INFORMATION, CONTACT US OR VIEW OUR FACT SHEET.