The Quick Risk Assessment Framework
When we have an initial discussion with a client, most of the time we are met with scepticism and resistance. It is possibly part of human nature that people do not like to consider that they have a problem, unless it is very obvious. So we need to answer (most of the time) the following question:
How do I know we have a problem?
Our answer to this question is the Quick Risk Assessment Framework.
This framework contains ten (10) subject areas. Nine of these subject areas examine specific aspects of the organisation's security posture, such as
- management controls,
- organisational controls and
- technical controls.
The tenth subject area provides an overall diagnostic risk rating on the organisation's information security programme. The assessment is performed at high level, enabling a short engagement with the client. The outcome of the quick assessment determines whether further, more detailed assessments or consultancy is required. Performance Resources provides professional services in both areas.
The diagram below displays such a framework:
Please click on the image for a larger version.
Benefits of employing such a framework include
- Cost effectiveness
- Speedy turnaround
- Flexibility and
- Ease of use.
For relevant capabilities please read the Security Posture Analysis section in the Assessment category here.
If we can assist you in any ways please feel free to contact us for further information. Our consultants will be happy to assist you with your enquiry.