Risk Assessment

There are many different ways to assess risk, some of which are better suited to cyber risk management than others. Where possible, the consultant team will endeavour to make use of an organisation's established risk assessment process to ensure that findings can be more readily adopted and incorporated into risk management processes, however, where this is not possible, they will use recognised standard approaches appropriate to the engagement.

The specific approach taken will depend on the organisation, and any specific requirements that they may have, however, a typical risk assessment will include the following: