BKD Cyber has launched a new web-based service to help clients assess inherent and residual cybersecurity risks to their organizations. The BKD Cybersecurity Framework Assessment Tool (BKD CFAT), powered by ROFORI, is designed to help users evaluate risks by leveraging guidance provided by the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-30, Revision 1, Guide for Conducting Risk Assessments.
The tool assists users with documenting how current controls are implemented by attaching supporting policies, procedures and other evidence in Adobe PDF files. There are viewing dashboards that display overall assessment and key function scores, which can be exported in comma-separated values, Microsoft Excel or Adobe PDF formats.
“Organizations are under pressure to identify, assess, mitigate and manage information security and cybersecurity risks. Due to multiple regulatory requirements and industry-based standards, risk analysis has become more important than ever. Companies need to demonstrate compliance, but it can be a challenge for them—so that’s where we come in,” said Cindy Boyle, IT Risk Services partner.
Currently, the tool supports the following frameworks: The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the NIST Cybersecurity Framework (CSF) and NIST SP 800-171 Defense Federal Acquisition Regulation Supplement (DFARS).