Audit and Controls

A Simple Formula

Key Control: Least Privileged Access

The concept:
Only the people who need access should have access.

Easy enough! Unfortunately, no.

Most organizations are just starting to recognize the need to prune access and with all the data already in existence, it’s difficult to even figure out where to start! Plus, data is growing and the issue only grows as well.


SPHERE has created a proven and repeatable approach:

  1. Inventory and logically categorize your data
  2. Develop a Target Operating Model for access controls
  3. Identify owners and perform an entitlement review
  4. Standardize permissions and remove excessive access
  5. Implement and onboard data into an automated lifecycle solution

Cybersecurity Assessments

Assessment will identify areas that are potentially at risk for audit failure and can be based on a variety of target cybersecurity framework – and SPHERE can assess your current state and build a road map for your future state.
In addition to ensuring you are compliant, a cybersecurity assessment is designed to help you be more proactive in today’s threat landscape.
Check out our video where we discuss Ransomware: Strategies for Survival

NY DFS Self-Assessment

What is New York Cybersecurity Regulation?  The Department of Financial Services (DFS), ensures providers of financial products and services to NY consumers remain solvent, protect consumers, and act reasonably to protect against financial fraud, criminal abuse, and unethical conduct.

Do I have to worry about this?  Covered entities include but are not limited to, Banks, Lenders, Insurance Companies. To see if your classification of business is affected, click here

What do I have to do?  Companies that are supervised by New York’s Department of Financial Services, and not specifically excluded from the in-effect regulation, must appoint a qualified Chief Information Security Office (CISO), who will be accountable for the overall implementation, effectiveness, and enforcement of the Cybersecurity Program.

Where do I start? Well, knowledge is power! We have created a self-assessment tool to help you get gauge of your security posture. This tool will help you to better plan your resource, time and budget requirements to become DFS compliant!

Would you like to talk to an expert?