Continue to the next video in Risk Assessment series
Speaker
John Snyder
Net Friends
President & CEO
Video Transcript for Risk Assessment Vlog #2
The first major thing that stood out to us about Axio360’s web-based Risk Assessment application was its ability to conduct ongoing assessments. Before we discovered Axio, the best Risk Assessment tool we’d uncovered was a spreadsheet that captured point-in-time snapshots of a business’s risk categories, which was provided to us by our SOC 2 Type II compliance auditor, Kirkpatrick Price – I talked about them in Part 1 of this video series.
We needed a way to track improvement over time. We also wanted to look at Risk at both organization-level and department-level, with new or updated information from both levels informing each other. Once we saw how Axio360 supported milestones, establishing baselines, and aligning assessments with different risk frameworks like NIST-CSF and CMMC, we knew we had found our tool. Best of all, we could benchmark ourselves against peer organizations and rapidly generate stunning, detailed, and executive summary reports.
Now that we’ve spent many hours working within the application, we’re planning to leverage it for three primary uses:
- We’ll track our key vendors’ cybersecurity postures by conducting short 15-30 minute high-level assessments facilitated by the application. If we’re planning for any Vendor to be tied to one of our critical workflows or to host any assets for us, we can take the initial assessment and expand it further, with the existing answers forming a base we can build off of.
- We'll upload and track our own insurance documents, as well as for our key vendors, and perform routine assessments of insurance coverage, using Axio’s machine learning capabilities to look for potential areas of risk or problematic language buried deep in the insurance documents – this is a capability we did not have previously.
- We've been using Carnegie Mellon’s risk taxonomy matrix to perform twice-monthly financial assessments of the 1st and 3rd party tangible and financial risks of nearly 2 dozen risk categories we’ve identified. The Quant area of the Axio360 application allows us to calculate the minimum, maximum, and expected financial impact of each risk in under an hour, and we know with far more precision whether we are adequately insured against each risk.
Thanks to the powerful tools within the Axio360 web application, we are having entirely different discussions in our business around Risks, Likelihood, and Potential Impact. And these discussions are creating lasting change and impact within our organization, the kind that move all of us in a positive direction by creating more pathways toward success. Every business should try to incorporate into their decision-making process an assessment of Risk, and we would love to show anyone who is interested how Axio360 can transform your business for the better while equipping you to meet your regulatory or compliance requirements with ease.
We invite you to reach out to us to learn more!
Continue to the next video in Risk Assessment series
