Blog

Risk Assessments & Compliancy (Video)

Roger Walton of PCG discusses the issues of compliancy in regards to doing a risk assessment for a company.

Over the last few years, IT security has grown significantly in importance for all businesses. But one new factor that we’re seeing is that for businesses that are sub-contractors to larger companies, they may increasingly be required to comply with a very specific set of security guidelines in order to be even eligible for contracts going forwards.

One example of this is that the entire department defense supply ecosystem has introduced a new set of standards that, over the next 6 to 12 months, is going to be required by most sub-contractors in order to participate in department of defense contracts, either directly for defense or for larger companies. So we can help you with this.

So what we find is that most of our clients already comply with some of the requirements, but have some significant work to do, in particular on their policies and procedures, in order to be compliant with the standard and in order to be eligible to win those contracts.

So the way we do this is that we’ll, first of all, sit down with you, sit down with the business owner and with the IT owner, and we’ll go through a series of questions to find out whether you would pass an audit if you were put in front of one today.

To the extent that there are areas where you’re not ready for an audit, we’ll come up with an action plan. And that action plan would include things that you and your team will need to do, things that we can do for you, and things that we can do together. And the goal is that within a reasonable period, and typically it’s 60 or 90 days, you will be ready to take and pass an audit and that you would be eligible for contracts going forwards.