The application Risk Analysis is based on the best experience obtained from the implementation of the Information Security Management System ISMS under the standards ISO/IEC 27001 and ISO/IEC 27002.
The application Risk Analysis is capable of
- Defining and structuring some key activities and services
- Maintaining the company’s assets in meaningful groups
- Identifying any relevant threats and vulnerabilities to the assets
- Effective risk evaluation and assignment
- Proposing and planning relevant security measures
- Through effective filtering, it provides a clear view of the current state of risks and measures
The application Risk Analysis set standards
- It sets asset decomposition meaningfully
- It provides standardized threats and vulnerabilities based on a code list
- It provides a set of security measures in accordance with standard ISO 27002
- With its code list, it provides the standardization of your key services and activities
If you cannot do that by yourself, we are ready to help you. We will implement ISMS in your company
- Current-state analysis
- ISMS-scope proposal
- Risk analysis and evaluation
- Selection of measures
- Creation of measure implementation plans
- Design of security organization, defining roles and responsibilities
- Procedures to handle security incidents
- Proposal for and implementation of the process of the company’s activity continuity planning
- Training for the company’s employees in the field of information security
- Support for internal audits of ISMS, including the proposal for any remedial and preventive measures
You can learn more details in our article: Company Risk Management in the Field of Information Security
