Risk Management
‘Cyber risk’ means any risk of financial loss, disruption or damage to the reputation of an organisation from some sort of failure of its information technology systems.
​
​Through utilisation of international best practice and supporting industry standards (such as ISO 27005 and NIST 800-30) We can provide your organisation with advice and support in the area of cyber risk management.
​
Our risk management service offering will typically comprise of the following stages:
​
-
Scope/context - Establishment of scope, context and risk boundaries for the organisation;
-
Asset Review - review of information asset register;
-
Vulnerability Assessment - review of current vulnerabilities for information assets;
-
Risk Identification - identification of risks to the business, the possibility of occurrence and their potential impact;
-
Risk Treatment - establishment of priorities for risk treatment activities (mitigate, accept, transfer, avoid);
-
Risk Review - establishment of risk monitoring and review processes.
​
In addition, education will be provided to key organisational stakeholders and employees as to the risks to their organisation and how they are being managed.
​
Please contact us for more information regarding your risk management requirements.