Just as economic conditions have deteriorated, organisations have begun to face greatly increased scrutiny of the risks surrounding their data and information technology. An upsurge in data leaks from both private and public organisations, coupled with an epidemic of data theft by staff who fear redundancy, has made data protection a hot issue and a favourite topic of journalists and commentators.
Grant Thornton and Arthur Cox Solicitors have developed a service that allows organisations to assess—quickly and cheaply—their vulnerability to risks arising from a broad range of IT-related threats. Our information risk healthcheck does not simply look at the technical security of your IT infrastructure, but also your vulnerability to flaws in your commercial IT and employment contracts, your IT policies and your data management and protection measures.
Learn where to focus your spending
Our healthcheck is not intended as a detailed audit. Instead, it quickly and cost-effectively allows you to assess where the most serious problems lie, so that increasingly scarce budgets and resources can be focused on the areas of greatest need. Our reports can also help with maintaining or increasing the IT budget by providing solid evidence on which to base requests for additional resources.
Our assessment is focused on the key questions in four main risk areas:
- IT contract risk—is there a business risk from badly structured, incomplete or poorly enforced contracts, clauses or service level agreements (SLAs)?
- employment contract risk—is there an IT risk arising from weak or unenforced employment contracts, staff regulations or IT acceptable use policies?
- data protection risk—is there a risk arising from weak or non-existent data protection policies, procedures and practices?
- IT security risk—is there a risk arising from weaknesses in IT system configurations, maintenance, policies and procedures?
For further information please read our Information risk healthcheck factsheet