
Perspectives on Information Technology    
for the Health Care Industry



 

Risk Assessment

 
 

Simplified Risk Assessment For Health Care

Tunitas Group has taken the best of the qualitative risk assessment methodologies and developed a simplified approach that can be used to streamline assessments of a large number of systems. All risk assessment methodologies are based on the same set of functions: threats, impacts, and their likelihood of occurrence. The Tunitas Group methodology is a qualitative approach that manages much of the inherent subjectivity to produce replicable, consistent results across the organization.

The process has 5 steps:
1. System Description
2. Impact Assessment
3. Control Inventory
4. Risk Characterization
5. Corrective Action Plan

Each step has complete instructions for data collection, analysis, and documentation. After you complete all 5 steps, your risk assessment report and corrective action plan document your activities and help you manage and monitor next steps.

Contact us for more information.

 

 

 

 

HIPAA may be the focus of healthcare security and compliance officers, but it is not the only mandate governing the protection of personal health information.

The Centers for Medicare & Medicaid Services (CMS) has published a set of security guidelines, the Core Security Requirements (CSR), that define minimum security requirements for all CMS systems. By the first quarter of 2005, CMS will require its contractors to comply with the "High" level of information security and protection. Contractors who do not meet this highest level of compliance will be prevented from bidding on, or even retaining, CMS business.


 


 

 

Related Links

CMS Standards
Audit Standards (CoBIT)
NIST Standards


Copyright © 1998-2002 Tunitas Group.  All rights reserved.