While information security is not a methodology for managing the issues within a firm, one of its outcomes is a mechanism for recording, defining and discovering the security measures currently deployed.
These metrics along with properly conducted risk assessment are the fundamental elements from which our risk management strategy is intelligently devised.
What our team aims for is a risk management plan that links all of the current security measures with those proposed, to form a single, consistent working security model of the enterprise.
It will identify all key information technology assets, the perceived threats to each, and provide assessment based on probability and risk.
Only the simplest of firms maintains a single set of security practices. As most firms have employed information technology throughout their enterprise, a true risk management program must employ security measures at every point, in every business unit, in every process, within the enterprise.
Uniquely, our risk management programs are not rigid off-the-shelf templates roughly shoehorning all to fit, but programs that do cater for local variations within business units, and still impose the strict level of control sought by the board.
Different units use different types of data, others are more exposed to the internet, others have charge over extremely sensitive information, and yet others may do all their workflow remotely.
Only a security firm with expert knowledge in different types of industries can devise a risk management plan that is comprehensive, and only a security firm with extensive experience in executing risk management plans can execute with the contracted precision.
Risk management can start with a fixed-fee assessment project, and once we have your confidence, graduate to become your information technology risk management partner.
How we work together is determined by the needs of our clients. Clients can choose the level of our involvement they need, the terms and the timing.
Single one-off project.
Ongoing monthly retainer.