Information security risk management

KÜRT’s information security risk management service is focused on managing the information security risks of the given organization and sheds light on what effects various information security risks have on different business processes and organizational data.
Threats can affect all IT services, as they can injure the confidentiality or integrity of data and can threaten the availability of IT systems. Of the factors that threaten the operation of organizations, the risk of the IT infrastructure is perhaps the greatest. This includes facilities, IT technology, procedures, data, and human resources. It is expected to provide an opportunity for protection to combat the seemingly endless number of threats, and to do so effectively, at the right place, and to the correct degree.

 

Why choose KÜRT?

Our information security situation assessment methodology was developed on the basis of the requirements of national and international recommendations, standards and guidelines.

 

The main steps of the risk management process:

  • Developing a methodology that guarantees that the information security risk assessment provides comparable and repeatable results.
  • Performing a Business Impact Analysis that defines the damages expected in the event of data compromise, integrity breaches, or IT system unavailability, measured using business indices.
  • Mapping information security risks and identifying the probability of the occurrence of threats and their possible effects.
  • Providing a comparable and objective assessment of and ranking information security risks.
  • Selecting the information security risks to be handled and working out risk reduction measures.

What results can risk management be expected to provide?

Expected short-term results:

  • The information security risks in the environment, the applied technology, the infrastructure, and human resources become clear and prioritizable.
  • Information security becomes manageable, plannable, and can provide feedback.

Expected long-term results:

  • The information system’s operational risks can be kept at a level proportionate.
  • The losses resulting from threatening factors are reduced.
Szechenyi2020

Iratkozzon fel hírlevelünkre!

Ha szeretne többet tudni a legfrissebb híreinkről, szolgáltatásainkról, iratkozz fel hírlevelünkre!