Risk Analysis

Accurately estimating IA risk is imperative to responsibly addressing information threats and vulnerabilities. SRC believes an assessment of risk begins with an understanding of each organization's information and its users. We help determine the sensitivity, criticality, and life-span of corporate information, taking particular note of "crown jewels." Then, we profile the user base, looking at their information needs, accesses, and characteristics specific to their use. SRC conducts assessments that identify and equate threats to vulnerabilities and conclude with a estimate of the organization's information risk. Lastly, SRC weighs each risk and identifies technical, as well as procedural ways to reduce them before performing an assessment of technological options to help determine the most cost-effective solutions.