IT Risks and potential impacts:
While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy has led to organizations becoming increasingly dependent on information, information processing and especially IT. Various events or incidents that compromise IT in some way can therefore cause adverse impacts on the organization’s business processes or mission, ranging from inconsequential to catastrophic in scale.
Assessing the probability of likelihood of various types of event/incident with their predicted impacts or consequences should they occur is a common way to assess and measure IT risks. Alternative methods of measuring IT risk typically involve assessing other contributory factors such as the threats, vulnerabilities, exposures, and asset values.
Audit plays a critical role in providing objective assurance that protects the business against risk, informs strategic decision making and improves business performance. But many organisations do not have an Internal Audit function with sufficient expertise to step up to the challenge.
We assist companies to improve the value and performance of the Internal Audit function by providing solutions tailored to your needs. Whether you need outsourcing/co-sourcing, Internal Audit transformation or Internal Audit start-up assistance, we bring extensive knowledge of Internal Audit, along with sector specialists who know your industry and its technical risk areas.
What is ISO-27001 and what are the benefits:
ISO/IEC 27001:2005 is an international standard published by the International Standardization Organization (ISO), and it describes the Information Security Management System(ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.