Information Security Risk Management

Privacy Praxis will help you to identify the potential risk exposure to your organisation. Key stages in this process are as follows:


 • Quantify asset value

Attribute value to your critical assets and build a risk register

• Understand threats

Analyse the main types of threat faced by your organisation

• Identify threat agents

Pinpoint the agents (human or environmental) that could be responsible for realising threats

• Determine potential exploits

Understand the ways in which agents may cause each threat to be realised

• Evaluate potential impacts

Consider the potential effects of threat realisation

• Determine risk exposure

Quantify the total potential risk to your critical assets

Risk treatment

Following on from the risk assessment process, our in-depth understanding of the potential threats to your organisation’s information will help us to identify ways in which to mitigate the risks identified:

• Select appropriate risk treatment techniques

Identify suitable actions to mitigate risks

• Determine the risk cover

Quantify the amount that the overall risk has been reduced due to the mitigating actions selected

• Determine the residual risk

Compare total risk exposure with risk cover

• Present options for risk acceptance

Present results to stakeholders to support decision making and enable risk acceptance


Security Governance :

Information Risk Consulting services for more informations please contact us