
Managing Security Risk

Risk assessments are a fundamental process used to help information security managers identify and prioritise the cost-effective use of resources to protect a business from a security breach.

QinetiQ helps customers to identify, understand and manage potential threats against the business in three vital areas: Information Assets, Physical Environment and the Personnel that manage these.

A thorough risk assessment provides the knowledge needed to plan appropriate countermeasures and mitigating actions that will secure a business against inadvertent error or against more menacing threats, such as attacks planned to extort, steal and damage.

QinetiQ's consultants advise on the following areas:

Information Security Risks - Our consultants will perform a risk assessment using traditional modelling and management tools such as CRAMM (the UK Government's preferred risk assessment methodology) and COBRA (Consultative, Objective and Bi-Functional Risk Analysis), complementing these with our own methodology, Domain Based Security (DBSy).

Physical Risks - Building and environment protection can be assessed by using a physical risk assessment.

People Solutions - Our consultants will also address the threats that people can introduce, whether they are inadvertent or more malevolent.

Operations and Gap Analysis - By using standards such as ISO27001 for commercial businesses and JSP440 and HMG Infosec Standards for MoD and Government customers, we can assess the shortcomings or gaps in IT systems and operating procedures.

Accreditation Support - Our consultants will provide accreditation support to help businesses prepare for audit to standards such as ISO27001.
