It involves identifying, assessing, and treating risks to the confidentiality, integrity, and availability of an organization's assets.


Managing risks is part and parcel of working life – we weigh our options, take decisions and move on. Making sensible informed choices about information security is no different.

In most cases, you can manage these risks responsibly by simply complying with the ‘baseline’ information security standards and information handling rules.

Organisations today are under ever increasing pressure to comply with regulatory requirements, maintain strong operational performance, and increase shareholder value.

We deliver a complete portfolio of cyber security services: from adherence to GDPR, ISO27001 and PCI Compliance to Advanced Penetration Testing; from Business Continuity Management and eDisclosure to Digital Forensics (and everything in between). In addition we provide support and resource to in-house CISOs and DPOs or can fulfill these roles through our Virtual model.

Your organization’s critical assets face threats that extend beyond the realm of technology. Your processes and employees can expose your crown jewels in ways that cannot be mitigated with technical controls alone. Understanding all of these factors in terms of business risk will play a key role in your ability to defend what matters most.

Our IT Risk Assessment services and methodology will provide you with a path forward. Our experienced information security consultants will work closely with you and your team to get a complete picture of your security posture. As part of this effort with our IT risk assessment tools, we will:

  • Review critical assets and functional areas to identify threats and vulnerabilities that may impact their confidentiality, integrity or availability;
  • Investigate your organization’s processes and procedures and interview your subject matter experts;
  • Assess the effectiveness of in-place technical, physical and administrative controls including implementation of security solutions, separation of duties, and password policies;
  • Analyze the likelihood of incident occurrence and determine composite risk levels of each functional area; and
  • Fully document and discuss all findings, conclusions and recommendations so your management team can quickly put them into practice.