What is Scoping
Transcription
One of the things that you would experience if you worked with KirkpatrickPrice on your next engagement is a process that we like to call scoping. When we first start working with an organization, we want to walk through their business environment and understand the people, the processes, and the technology that are in place. We really have to understand the services that you’re providing to your clients, and why. What are your contractual obligations? And what are all the pieces and components that are involved in delivering your services. Many times, just by going through that simple, but very important process, exposes things that should be considered in your risk assessment that had not been previously considered. Sometimes we have blinders on, and we say that our production environment, or our cloud environment, or a particular office is where we’re concerned and where we think all of our risk is. But when you go through the services that you’re actually delivering and understand the underlying components that support the delivery of those services, it can reveal that there are other things that could potentially be an impact to you if they were disrupted. So, all of those risks are very important to consider. And a scoping engagement, a scoping walkthrough can be very helpful in helping you understand what other risks should be considered.
One of the things that you would experience if you worked with KirkpatrickPrice on your next engagement is a process that we like to call scoping. When we first start working with an organization, we want to walk through their business environment and understand the people, the processes, and the technology that are in place. We really have to understand the services that you’re providing to your clients, and why. What are your contractual obligations? And what are all the pieces and components that are involved in delivering your services. Many times, just by going through that simple, but very important process, exposes things that should be considered in your risk assessment that had not been previously considered. Sometimes we have blinders on, and we say that our production environment, or our cloud environment, or a particular office is where we’re concerned and where we think all of our risk is. But when you go through the services that you’re actually delivering and understand the underlying components that support the delivery of those services, it can reveal that there are other things that could potentially be an impact to you if they were disrupted. So, all of those risks are very important to consider. And a scoping engagement, a scoping walkthrough can be very helpful in helping you understand what other risks should be considered.
Related Videos
Business Environment
Cloud Services Are Assets with Risk
How to Define Your Scope
Identify Your Assets
NIST CSF Identify Function
Step One for Risk Assessment
