We offer an Information System Risk Analysis and Management according to a proprietary methodology, which has been developed during decades of national and international experience in the field of Information Security Systems.
The operational steps of our risk analysis are the following:
- Process analyses;
- Identification and evaluation of the scenarios;
- Assessment of the levels of criticality;
- Identification of the frequency of occurrence of threats (technological, physical and organizational, as well as through the identification and assessment of the vulnerabilities that can be exploited by the threats themselves);
- Definition of the risk profile;
- Risk management (prevention, protection, transfer, retention) and the actions to be taken;
- Detailed identification of the safety countermeasures that should be implemented;
- gap analysis;
- Detailed identification of the safety countermeasures that remain to be implemented following the gap analysis.