‘Cyber risk’ means any risk of financial loss, disruption or damage to the reputation of an organisation from some sort of failure of its information technology systems.
Through utilisation of international best practice and supporting industry standards (such as ISO 27005 and NIST 800-30) We can provide your organisation with advice and support in the area of cyber risk management.
Our risk management service offering will typically comprise of the following stages:
Scope/context - Establishment of scope, context and risk boundaries for the organisation;
Asset Review - review of information asset register;
Vulnerability Assessment - review of current vulnerabilities for information assets;
Risk Identification - identification of risks to the business, the possibility of occurrence and their potential impact;
Risk Treatment - establishment of priorities for risk treatment activities (mitigate, accept, transfer, avoid);
Risk Review - establishment of risk monitoring and review processes.
In addition, education will be provided to key organisational stakeholders and employees as to the risks to their organisation and how they are being managed.
Please contact us for more information regarding your risk management requirements.