Information Risk Management Assessment

Organizations of all sizes need to mitigate their information risk. Protecting client data, financial data, and personal data is critical. If an organization can answer “yes” to any of the following questions, then they may have technology and information risk for which they need coverage.

Risk Assessment Questions

  • Do you store personally identifiable information (PSS) in your network?
  • Do you transmit PII to third parties?
  • Do you outsource any activities involving PII?
  • Do any third party individuals or organizations have access to your networks?
  • Do you have laptops or other portable devices in your network?
  • Is your organization’s network susceptible to both third party and employee hackers?
  • Do you have wireless networks?
  • Do you store backups offsite?
  • Are your employees able to email or download PII from their workstations?
  • Do you process credit card transactions?
  • Is your organization susceptible to regulatory exposures related to data privacy and network security (GLB or Red Flag Rules)?
  • Does your organization rely on subcontractors to help implement and maintain information technology systems? Do these subcontractors present data privacy risks to your clients?
  • Does your organization provide any online transactions (billing, access to personal data, security trades, transfers, changes of personal information, etc.?
  • Do off-site users have access to restricted information?
  Total number of Yes responses: 1 - 4 “yes” responses- your organization has modest technology exposure risk 5 - 9 ‘yes” responses – your organization has above average technology risk. 10 – 14 “yes” responses – your organization has high technology risk.

Risk Management Assessment

To protect against spam, please answer this simple math problem:

Thank you for completing the risk management assessment. We have received your results and a representative from IIAW will be in contact with you shortly.