An informational security risk analysis is an independent evaluation of the information security risks of an organization.
To gradually realize the IT infrastructure development strategic project of a large business chain, the management made a decision regarding its expert evaluation. On the basis of the results of the risk analysis, significant changes were made to the structure of the program. Certain omissions were discovered.
For instance, no fail-safe infrastructure had been created for the most critical resources. Resources with easy accessibility had been provided with overly expensive equipment. The order of certain stages also had to be changed. The compliance with the regulator requirements was fulfilled. As a result, the regulator check-up was done much faster and was successful.
The client organizes a work group headed by a supervisor that participates in the process of providing data and a more effective evaluation of the severity of certain business processes.