Foresight can additionally assist organisations planning to implement threat modelling and assessment and analysis of risks throughout a system or application lifecycle.
Security Risk Management Plans
A Security Risk Management Plan (SRMP) identifies information security risks and defines appropriate mitigation measures for systems. An SRMP consists of a threat risk assessment and applicable risk treatment strategies. Within the Australian Government Information Security Manual an SRMP is considered a core security document and key component of an agency’s information security management framework. Foresight can assist Australian Government agencies and other organisations in the development of SRMPs for ICT systems, networks and applications.
Threat models are a way of identifying security threats to software and systems and allows an organisation to apply appropriate controls to mitigate risk. Foresight can assist organisations implement secure design techniques for software and web application development, including threat trees and threat models.
For more information about our service offerings contact us at [email protected].