Need advice on developing a Risk Assessment methodology for assessing clients | allinfosecnews.com

Oct. 11, 2022, 6 p.m. | /u/security_stuffs

cybersecurity www.reddit.com

I've been tasked with developing my companies cybersecurity risk assessment methodology for performing risk assessments for clients. I've read NIST 800-30 and understand the methodology it discusses, but it seems to me to geared towards internal assessments and not a third party doing the assessment. One suggestion was to use NIST CSF and do a gap assessment and then use those gaps as the risk register. I'm looking for advice/resources on how develop (from NIST 800-30) a third party risk …

advice assessment clients cybersecurity risk risk assessment

More from www.reddit.com / cybersecurity

More than 800 vulnerabilities resolved through CISA ransomware notification pilot 5 hours ago | www.reddit.com

cisa cybersecurity notification pilot +2

Top cybersecurity stories for the week of 04-22-24 to 04-26-24 5 hours ago | www.reddit.com

ciso cyber cyber security cybersecurity +8

Reddit down in major outage blocking access to web, mobile apps 8 hours ago | www.reddit.com

access apps blocking cybersecurity +7

Here's my article on Phishing Email Investigation: A Step-by-Step Analysis. Do read and let me … 8 hours ago | www.reddit.com

analysis article cybersecurity email +5

Secondary cysec skill? 9 hours ago | www.reddit.com

aim consultant contractor cybersecurity +9

Any ideas on how I can convince my boss to not require users to give … 12 hours ago | www.reddit.com

admin admin rights boss can +11

Encryption Keys Rotation 13 hours ago | www.reddit.com

cybersecurity data encrypted encryption +15

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks 18 hours ago | www.reddit.com

arcanedoor breach cisco cybersecurity +5

Advice for imposter syndrome 18 hours ago | www.reddit.com

advice analyst ask current +10

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Security Architect - Hardware

@ Intel | IND - Bengaluru

View on infosec-jobs.com

Elastic Consultant

@ Elastic | Spain

View on infosec-jobs.com

OT Cybersecurity Specialist

@ Emerson | Abu Dhabi, United Arab Emirates

View on infosec-jobs.com

Security Operations Program Manager

@ Kaseya | Miami, Florida, United States

View on infosec-jobs.com

Senior Security Operations Engineer

@ Revinate | Vancouver

View on infosec-jobs.com