RISK MANAGEMENT
STATE OF THE ART METHODOLOGY FOR IT RISK MANAGEMENT
The risk analysis and management method developed by the ESC 2 team is the result of the integration of several of the best practices in the sector, which combines infrastructural security and the constraints deriving from business activities in a single objective.
Asset Modelling
- Census of assets supporting business processes and services
- Impact analysis and classification of information
- Characterization of assets
- Construction of the asset/information relationship
Risk Assessment
- Assessment and evaluation of risk scenarios
- Identification of Vulnerabilities
- Calculation and analysis of risk levels for each process
Risk Mitigation
- What if Analysis controls and countermeasures that can be implemented to reduce risk
- Risk treatment
- Analysis of residual risk
- Work Flow Management