Attorneys and Legal Professionals
The day you are sued for a data breach, you will be asked eight questions that you will want to prepare your organization or client for.
Data Breaches are litigated in terms of negligence. Judges and interested parties are trying to determine if your organization/client was doing something reasonable to prevent harm to others.
DoCRA (Duty of Care Risk Analysis) is a standard by which organizations may align their risk assessments to demonstrate reasonable and appropriate. The standard includes a method for organizations to clearly calculate and prioritize risk as well as define acceptable risk.
If you are looking for assistance in bringing your risk method in line with DoCRA (DoCRA.org), we can help.
For clients that follow CIS Controls, download CIS Risk Assessment Method (RAM):