By answering the following questions, you will create a general Risk Assessment.
Note: Healthcare Finance Businesses are assessed by different means, please consult a professional Cybersecurity analyst.
Are your transactions Point of Sale (POS) or service with billing later?
Where is your employee data? (Payroll, w-2s, retirement, insurance, etc.)
Does your group use email as a primary method of communication?
What is your rate of employee turnover?
Do you let your customers connect to your company network?
Is your company “bring your own device” (BOYD)?
Do you let your employees connect their phones to your company network?