Detailed Cyber Risk Assessments
The first step in any Cyber Resilience Program is an assessment of your business. The intention is not to initially correct the risks, but to inform the stakeholders so that a prioritised and manageable improvement program can be developed and implemented. This will enable management to make informed choices around investment to mitigate risks.
Cyber risk mitigation options typically include:
- resolving the problems internally;
- seeking external speciality support available thru the Goal Group; or
- adjusting the risk level by other action such as providing training, removing unnecessary data, or other operational changes.
The risk assessment consists of two parts:
- the first is to understand the situation and technical risk;
- the second is to evaluate the effectiveness of management controls