Security Assessment & Consultation

What We Offer

Our Risk and Compliance Team will perform an assessment and consultation for your product. This service should be requested for new products and very high risk products beginning immediately. High risk and moderate risk products should have a self-assessment completed by the end of 2021. All other products should have a self-assessment completed by 2022.The team will support the following: 

1. Provide risk management training.
2. Validate the completion of your system inventory.
3. Review for adequate system architecture security controls.
4. Issue a security self-assessment for your organization to determine the product meets minimum-security requirements.
5. Review your security self-assessment to answer questions and ensure completeness and accuracy. 
6. Provide consultation in support of you implementing controls to mitigate risk.

Products that are very high risk will be assessed annually, while high, moderate, and low risk products should have the self-assessment completed on a rotating three-year schedule.

The service will take approximately two weeks at no cost to your organization. Products that are high risk will be checked regularly. This service is not needed if you are deprecating a product.

Self-Assessment Resources

Download the Security Standards Self-Assessment Questionnaire
View Filled-Out Example - Use this example form to check your work as you go
View Self-Assessment Presentation Slides