Establishing and maintaining an information risk management plan is crucial in today’s ever-changing cyber landscape. Covered Entities (CE) and their Business Associates (BA) are required by law to safeguard PHI and other sensitive personal data from compromise or potentially suffer considerable consequences.
Too many BOD and C-suite executives are far too disengaged from information risk management. Information risk management is not an IT problem; it’s a business and information risk management decision. This webinar is designed to help management and staff understand the importance of information risk management so that they may build their case for action, assist their organizations in establishing, operationalizing and maturing their information risk management programs, and achieve better outcomes in managing information risks.
This session is offered as a 75-minute webinar using the GoToWebinar platform. The open format encourages questions during and after the session. Attendees will receive the presentation materials the day after the event.
The effective three-point agenda is:
- Problem and Case for Action
- NIST-Based Risk Assessment
- Resources for Attendees
Date & Time
August 10, 2016 at 11:00 am – 12:15 pm CT
This information risk management presentation will enable attendees to stand back and consider the complete landscape of a robust information risk management program, and to leave the session with practical, tangible, actionable next steps for their organizations.
Who Should Attend?
Business leaders, managers and professionals with responsibility for privacy, security, compliance or risk management should attend. CEOs, COOs, CFOs, Chief Compliance Officers, Chief Risk Officers, Chief Privacy Officers, Chief Security Officers and Chief Information Officers should also attend, given the increased scrutiny that shareholders and other stakeholders are placing on these executives.
BOD / C-Suites being far too disengaged from information risk management is only the tip of the iceberg for healthcare organizations. As a result, too many organizations are faking information risk management; too many people are untrained / unskilled in information risk management; too few organizations are working to “mature” information risk management; and too few people understand risk, not to mention information risk analysis and risk management. Even with skilled and credentialed security professionals, we typically find that they are not necessarily risk managers.
As a result of participating in this live session, attendees will be able to:
- Explain the NIST Risk Process for Information Risk Management
- Explain how to measure Risk using Risk Likelihood and Risk Impact
- Learn how to use a process for building a business case for strengthening information security
- Use the Excel template provided to calculate the cost of a breach for your organization
- Justify the need for Information Risk Management to become a mature business process
- Leverage the resources provided to establish or frame your information risk management program
This session is designed to help CEs and BAs understand and act on the specific information risk management requirements covered in numerous regulations and best business practices.