Risk Management

RISK MANAGEMENT

STATE OF THE ART METHODOLOGY FOR IT RISK MANAGEMENT​

The risk analysis and management method developed by the ESC 2 team is the result of the integration of several of the best practices in the sector, which combines infrastructural security and the constraints deriving from business activities in a single objective.

THE 3 OPERATIVE PHASES

Asset Modelling​

  • Census of assets supporting business processes and services
  • Impact analysis and classification of information
  • Characterization of assets
  • Construction of the asset/information relationship

Risk Assessment

  • Assessment and evaluation of risk scenarios
  • Identification of Vulnerabilities
  • Calculation and analysis of risk levels for each process

Risk Mitigation

  • What if Analysis controls and countermeasures that can be implemented to reduce risk
  • Risk treatment
  • Analysis of residual risk
  • Work Flow Management​