Risk management frameworks guard an organisation against all manner of potential disasters
Information security has developed into perhaps the most important aspect of such frameworks.
At Stratigence we work to ensure that your organisation’s information security risk framework is capable of protecting valuable and sensitive data, and that it aligns with your broader risk framework. We work to understand the potential threats that your company faces, before helping you to reduce or mitgate these entirely.
Risk management frameworks guard an organisation against all manner of potential disasters, and information security has developed into perhaps the most important aspect of such framework.
Information security has developed into perhaps the most important aspect of such frameworks.
At Stratigence we work to ensure that your organisation’s information security risk framework is capable of protecting valuable and sensitive data, and that it aligns with your broader risk frameworks. We work to understand the potential threats that your company faces, before helping you to reduce or mitgate these threats entirely.
What sort of things are assessed?
Until you’re knee deep in it, cyber security risk management can be a somewhat abstract concept. So what does it involve in real terms?
Example 1: Email
Company A uses Outlook for email. In this example, a risk management team would ask the following questions:
Example 2: Permissions
Company B employs basic user authentication to grant access to their business systems. We’d begin the process of assessing risk by asking:
The answers to these questions would serve as the basis for a risk management framework, from which recommendations would be made.
The process
How does the cyber security risk management process play out? At Stratigence we employ five simple steps.
Step 1: Define the scope
Identify which information assets should be included in the review, and the budget and timeframes that you’d prefer to work within.
Step 2: Review current controls
What risk management protocols are currently in place? Can they be improved, or should they be replaced?
Step 3: Workshop risk profile and threats
What is the desired risk profile? What are the possible threats? Answering these questions can be a challenge, particularly with the variety of risks any organisation might face – from hackers, through to acrimonious employees, and even natural disasters like earthquakes. We seek to gain an understanding of potential threats by comparing similar organisations.
Step 4: Complete gap assessment
How does the desired performance of our risk management framework compare to the actual performance?
Step 5: Recommend next steps
Propose a set of prioritised controls to be implemented within the first year. The plan will be crafted to fit within your budget and timeframe, focusing on the highest risks first.
What you’ll get
By working with Stratigence on your cyber security risk, you’ll get:
What you’ll get
By working with Stratigence on your cyber security risk, you’ll get: