All organisations deal with enormous quantities of information of varying types and in many different formats. The importance of that information to the organisation will determine what needs to be done to protect confidentiality, integrity and availability.
Our approach draws on best practice in risk management to ensure our customers identify what information is important, the impact if it was lost, and the risks associated with the information. Armed with this information they are able to focus on what is truly important and implement risk treatment plans and control that are cost-justified.
However, risk management is not a one-off activity but an ongoing process that ensures changes in the operating environment (internal and external) are identified and the consequences included in the risk management process. In this way our customers manage their exposures effectively now and in the future.