My Integralis

Risk Assessment

Integralis’ Risk Assessment services go beyond the traditional approach of people, process, and technology by leveraging sophisticated Integralis-developed expert-driven methodolgies incorporating a top-down business view of your organisation coupled with bottom-up operational analysis.  We pinpoint areas of risk and vulnerabilities and identify the most cost-effective approaches to risk reduction. Our in-depth review covers your policies, practices, and your systems, so that you can:

  • Recognise your current information security profile and business risk
  • Detail existing security gaps, risks and vulnerabilities
  • Identify applicable regulations and standards
  • Understand how your risks can impact your strategic, operational and financial objectives
  • Establish practical prioritised options for improved management and stronger controls

Our approach goes beyond risks and vulnerabilities. We work with you closely and collaboratively to:

  • Learn your objectives and constraints
    • What are your business goals?
    • What level of staff and budget do you have available to address security risks?
  • Determine where you are most at risk
    • While there are common risks shared by virtually every organisation, what are the risks that are of greatest concern in your industry?
  • Identify applicable regulations and standards
    • Which regulatory compliance and industry standards apply to your business
    • Execute hands-on in-depth security review
    • What systems, policies, and controls do you have in place?
    • Based on our interviews with your staff, are you adhering to your policies? What gaps do they see? What problems have they experienced?
    • Is your documentation up-to-date, complete and understandable?
  • Execute an operational best-practices review
  • Determine needed technical security assessments such as penetration testing, web application testing and others as needed
  • Outline risk mitigation recommendations ranked by cost and effort
    • What must you do immediately?
    • What the next priorities?
    • What are the costs relative to the benefits of each effort?
    • What actions will produce the most effective results?

The end result of this effort is a detailed understanding of your risks and how you can best remediate and mitigate those risks to stay competitive. We also help your security staff improve their capabilities while enhancing security awareness within your organisational culture.