ISS Services

Risk Assessment

One of the key requirements of ISO 17799 / ISO 27001 (BS 7799) is that a formal Risk Assessment of critical business assets is conducted, so that an organisation can ensure all security risks are identified by a methodical assessment.

 

A Risk Assessment is a systematic consideration of:

  • The business harm likely to result from a security failure, taking into account the potential consequences of a loss of Confidentiality, Integrity or Availability of the information and other assets
  • The realistic likelihood of such a failure occurring in the light of prevailing threats and vulnerabilities, and the controls currently implemented

A Risk Assessment enables an organisation to balance expenditure on controls against the business harm likely to result from a security failure.

The ISS Risk Assessment services are ideally suited to assist an organisation that handles, processes, or stores sensitive information. The services can consist of high-level reviews of critical business processes, ISO 27001 Gap Analysis reviews, or the use of more formal methods such as CRAMM.

© Copyright 2005, InfoSec Solutions Ltd