The ultimate prevention at the highest level ! Contact Us
Information Security Risk Manager
// Infomation security risk manager
Risk Manager ensures :
Information asset classification
The Risk Manager establishes and maintains a process for information asset classification to ensure that measures taken to protect assets are proportional to their business value.
Risk treatment
Identifies legal, regulatory, organizational and other applicable requirement to manage the risk of noncompliance to acceptable levels - Determines appropriate risk treatment options to manage risk to acceptable levels - Evaluates information security controls to determine whether they are appropriate and effectively mitigate risk to an an acceptable level - Identifies the gap between current and desired risk levels to manage risk to an acceptable level.
Risk analysis
Ensures that risk assessments, vulnerability assessments and threat analyses are conducted periodically and consistently to identify risk to the organization's information.
Risk follow-up
Integrates information risk management into business and IT processes (for example, development, procurement, project management, mergers and acquisitions) to promote a consistent and comprehensive information risk management process accross the organization - Monitors existing risk to ensure taht changes are identified and manged appropriately - Reports non-compliance and other changes in information risk to appropriate management to assist in the risk management decision-making process.