
Risk Assessment
Risk assessment, and analysis will assist in determining your organization’s vulnerabilities, and threats.
Risks to the company achieving its objectives, and continuation of operations are assessed, presented, risk treatments, and mitigations, and opportunites are presented. Catorgarised into inherent, and residual risks, impacts on revenue, and EBITDA. This process gives management the information it needs to make educated judgment. The procedure identifies the existing controls, calculates vulnerabilities, and evaluates the effect of threats on each area of vulnerability. In most cases, the assessment aims to provide an economic balance between the impact of risks and the cost of security solutions intended to manage them. At the basis of selecting cost-effective protective measures or treatments is the assumption that the cost of controlling any risk should not exceed the maximum loss associated with the risk.
Severity = Probability x Impact
Some controls we look in to but not limited to would be at a minimum:
-
External threats such as environmental, political stability, geographic locations
-
General building, infrastructure, electrical to SPOF
-
Organisation, and administration
-
Security Some controls we look in to but not limited to would be at a minimum
-
Ceiling, lighting, and other systems, to raised floor
-
Telecommunications
-
Operations to contract management
-
Health Safety and Environmental
-
Fire suppression systems, and early warning systems
-
Environmental control, and various monitoring
-
Security, Logical Access, to virus protection, network topology, monitoring, to cyber frameworks
-
Change, and problem management
-
Vital records management, and storage
-
Contingency planning, Work Area Recovery sites, and dependencies
-
Data privacy to HR controls
-
Insurance, Audit, And Enterprise risk Management