Risk Assessment

Key to modern information security and business continuity management

Risk Assessment is core to achieving certification to standards for Information Security Management (ISO 27001), Business Continuity Management (BS 25999) and for IT Service Management (ISO 20000).

Teamwork consultants will conduct reviews of security threats and vulnerabilities within your organisation’s systems and examine their potential business impact. These will not only relate to IT but will encompass all sensitive and mission-critical information held within your business.

Determining the risks

Risk Assessment considers the likelihood and impact on the business of threats, vulnerabilities and exposures; the value of assets to be protected; and the costs of appropriate countermeasures. Teamwork consultants will work within the customer’s own risk management system using appropriate risk assessment methodologies.

Our consultants have experience of industry standard assessment methodologies including CRAMM, historically the UK Government’s preferred methodology, the new IS1 (HMG Infosec Standards No.1) for risk assessment associated with UK e- Government. We also offer practical spreadsheet-based methods for ISO 27001 implementation and business continuity planning to identify scenarios that could result in high impact to the business.

Our methodologies can be adapted and integrated with the customer’s own risk management systems.

Defining effective controls

Having identified the critical information assets, we will help you to decide upon countermeasures to protect them. These include deterrent controls to reduce the likelihood of attack; detection controls to discover attacks; preventative controls to render attacks unsuccessful; and corrective controls to reduce their impact.

An integrated suite of services

Risk Assessment is one of a powerful set of services that forms part of our Integrated Management Systems suite. Risk Assessment is designed to identify the threats and vulnerabilities facing your organisation, enabling you to adopt best practice measures and comply with the relevant ISO Standards.