ESTec Security
Client Login
ESTec Security Search Sitemap Contact Us
About Us Products & Services Newsroom Education Careers
Quick Finder
Vulnerability Assessment
Incident Response
Intrusion/ Penetration Testing
ISO 27001 / ISO 17799 / BS 7799
Information Technology Risk Assessment
Security Policy Review and Formulation
Telecommunications Audit
Code Audit
Network Architecture Reviews
Firewall Rule Set Audit
Security Log Analysis
Expert Witness
Disaster Recovery Planning & Plan Reviews
Security Auditing
Security Awareness Programs
New Features




Information Technology Risk Assessment

An Information technology risk assessment tries to identify the risks, human and natural, that an information technology asset is exposed to. These range from earthquake, storms, and fire to human error, fraud, disgruntled employees, and external intrusion. In addition, an ESTec information technology risk assessment assesses the vulnerabilities and countermeasures already in place. The examination will then rank the threats and vulnerabilities, and identify additional countermeasures appropriate to protect the sensitivity, criticality, and reliability associated with the information technology asset.

To keep your expenses to a minimum and your protection to a maximum, ESTec establishes a cost value for every type of impact on your information technology asset. The event probability gives management an insurance value for each type of event and each asset involved, allowing your management to justify the expenditures for the countermeasures for potential events and interruptions of service. That way, you get the most bang for your buck.

Information Technology Risk assessment is an integral part of ISO 17799 / ISO 27001 information security management systems. ESTec can provide training for internal information technology risk assessment and risk management personnel as well as outside information technology risk assessment services. A standards based information security management system includes a formal risk management plan for the organization. Risks must be identified, and dealt with by countermeasures, or contracted out to a third party or in some cases accepted by the organization as part of the normal business risk.

Sample Case Risk Assessment

Customer: West Coast Utility
Services: Information Technology Risk Assessment
Problem: A new client information system was to be implemented. Management wanted a justification for the budget requests for the project.
Solution: An ESTec consultant worked with the IT department to develop a detailed risk assessment for the project's assets.
Results: The company was able to control and direct expenses to do the greatest good, and ended up saving a high percentage of the original allocation of funding for this protection.

For more information on our Information Technology Risk Assessment Procedures Click Here.
About Us | Products & Services | Newsroom | Education | Careers | Contact Us | Privacy Commitment | Terms of Use

©2002 ESTec Systems Corporation. All rights reserved.