38a-1, 12 CFR, HIPAA, FERPA, FISMA, PCI, GLBA…
New and changing regulatory changes are a major factor that can impact risk assessments. In order for businesses to satisfy the regulators, they must constantly evaluate risks, weigh risks against rewards, and make informed decisions based on these evaluations.
- Maintain multiple certification templates for specific certification types, business areas or locations.
- Conduct risk assessments and self-assessments, on specific regulation provisions, as well as on customer-specific evaluation criteria.
- Document findings/gaps and monitor remediation efforts.
- Issue certifications based on review and approval workflow on a pre-defined schedule or as needed.