Develop and Implement a Security Risk Management Program

The first step to successfully securing your business.

Onsite Workshop

A non-existent security risk management program can result in:

  • Increased threats and opportunities.
  • Over- or under-spending on security controls.
  • Misallocation of resources or over-engineering your security architecture.

A security risk management program can result in:

  • Better alignment with business goals
  • More secure assets
  • Better compliance adherence

Module 1: Define the Information Security Risk Management Program

The Purpose

  • Create definitions around how your organization understands risks
  • Identify roles and responsibilities
  • Communicate program to key players

Key Benefits Achieved

  • Assets documented
  • Comprehensive understanding of program steps
  • Strategy developed over effective communication

Activities: Outputs:
1.1 Establish definitions
  • Security Risk Management Methodology
1.2 Document assets
  • Security Risk Management Workbook
1.3 Understand threats and vulnerabilities
1.4 Review program steps
1.5 Communicate the program

Module 2: Conduct a Security Risk Assessment

The Purpose

  • Get a clear vision of what your organization is truly facing in terms of risks.
  • Get prepared to prioritize risks for mitigation.

Key Benefits Achieved

  • Big picture of your real risks is established.
  • Better idea of which risks are truly concerning and which ones you might be able to safely accept.

Activities: Outputs:
2.1 Identify security risks
  • Security Risk Management Workbook
2.2 Classify security vulnerabilities
2.3 Classify security threats

Module 3: Develop a Risk Mitigation Plan

The Purpose

  • Identify what risks your organization truly needs to mitigate and which they can accept without much negative impact.
  • Establish which controls are needed.

Key Benefits Achieved

  • Prioritized list of risks to tackle.
  • Mitigation plan roadmap.
  • Strategic controls identified.

Activities: Outputs:
3.1 Prioritize identified risks
  • Security Risk Management Workbook
3.2 Make strategic decisions on mitigating identified risks
3.3 Architect appropriate security controls to reduce security risks
3.4 Estimate resources and readiness
3.5 Build your roadmap

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
GET HELP Contact Us
VL Methodology