A threat risk assessment is a systematic methodology to identify security risks and determine the most cost effective and practical security controls for their mitigation. Foresight uses the latest standards such as AS/NZS ISO31000, ISO27005 and OCTAVE to identify, assess, evaluate threats and risks and provide remediation solutions for your organisation.
Foresight can assist with:
developing Security Risk Management Plans
risk assessment methodologies
risk mitigation roadmapping
Foresight can additionally assist organisations planning to implement threat modelling and assessment and analysis of risks throughout a system or application lifecycle.
Security Risk Management Plans
A Security Risk Management Plan (SRMP) identifies information security risks and defines appropriate mitigation measures for systems. An SRMP consists of a threat risk assessment and applicable risk treatment strategies. Within the Australian Government Information Security Manual an SRMP is considered a core security document and key component of an agency’s information security management framework. Foresight can assist Australian Government agencies and other organisations in the development of SRMPs for ICT systems, networks and applications.
Threat models are a way of identifying security threats to software and systems and allows an organisation to apply appropriate controls to mitigate risk. Foresight can assist organisations implement secure design techniques for software and web application development, including threat trees and threat models.
For more information about our service offerings contact us at [email protected].