Information Security Risk Assessment



Information Security Risk Assessment is an ongoing part of an information security program that an organisation undertakes to identify, understand and manage the risks affecting the confidentiality, integrity and availability of the organisation's information assets and information system infrastructure.


Organisations undertake numerous projects (e.g. IT projects) on a regular or annual basis to achieve and fulfil their business needs. Inevitably, these projects carry their own sets of associated risks, and most of the time it may be impractical or costly to eliminate all risk, or other factors such as resource availability may prevent it.


Vectra's Information Risk Assessment Services can assist your company in identifying and quantifying the risk to the business from the loss of confidentiality, integrity and availability of information and information systems (e.g. information disclosure, corruption).


Once the risks are identified and assigned an appropriate risk rating, corrective measures or compensating controls are recommended to mitigate the risk exposure of the information assets and information system infrastructure. The organisation can then critically decide its risk tolerance and acceptance level, and implement the appropriate proposed measures or controls in the most cost-effective way.


Our risk assessment approach and methodology are aligned with industry-recognised risk assessment and management frameworks or approaches. Depending on the organisation's needs, a suitable approach or a combination of approaches may be adopted.