A security and threat assessment is designed to evaluate the broad spectrum of your security controls against best practices and prominent security frameworks. We have a balance of expertise across both the risk and security domains. In general the goals of Risk Management are:
- Elucidate both the quantitative and qualitative risk exposures to enable management to confirm an acceptable level of risk.
- Ensure adequate controls are in place to maintain acceptable levels of risk.
- Determine the appropriate level of capital to absorb losses associated with risks that do not lend themselves to controls.
During our the assessment we conduct a thorough and independent evaluation of your security controls and the safeguards you have in place to protect your networks, systems and data. We will start by identifying and categorising key information assets and processes. This includes not only physical but also intangible assets such as reputation and intellectual property. Next we complete a threat assessment to understand both the threats and technical and organisational vulnerabilities associated with these assets. We document the current controls and security processes and identify any additional security requirements per regulatory or industry standards. We will provide a prioritised list of threats, risks and identified countermeasures – providing a roadmap to the future. Additionally, a gap analysis comparing your organisation to leading practices.