We have over 15 years of experience assisting our clients with performing risk assessments. We help our clients in performing risk assessments based on international standards. We have focused on relying on ISO/IEC 27001, ISO/IEC 27002, and ISO 31000, but we have also assisted clients in performing risk assessments against other standards, such as NIST and COBIT.
Examples of common risk assessments are the following:
Risk assessment concerning the operational security of a company or organization
Risk assessment concerning an organizational unit
IT environment risk assessment
Risk assessment of key processes and services
Risk assessment related to project management or single projects
Risk assessment of the working environment
Server room risk assessment
Risk assessment is a cornerstone of operational security and is part of information security best practices.