Skip to main content
risk-management-and-reporting

Risk Management and Reporting

Overview

Managing cyber risk is an ongoing part of information security and privacy at CMS. Instead of focusing solely on "compliance", we take a proactive approach by helping Business/System Owners, ISSOs, and application teams continuously evaluate and respond to security risks.

Risk management and reporting at CMS includes system assessments, real-time reporting tools, and the translating of policy requirements into concrete metrics that allow CMS components to gauge the overall security posture of their systems.

Contact: CRM Team | CRMPMO@cms.hhs.gov
slack logoCMS Slack Channel: #cyber-risk-management

Latest articles and updates

Visit the blog to see more articles and posts.