Risk Mitigation: A 6-Phase Process
The M2000/IS Risk Mitigation Process is offered to proactively mitigate cyber-based risk and loss and to support corporate governance. It is an integrated full-spectrum process to protect against and prepare for cyber-based intrusions which could result in the alteration, theft or damage of information
The following 6-Phase process has been designed specifically by M2000/IS to provide a full-spectrum integrated approach to addressing regulatory obligations and prudent information security programs. It is understood that many corporations may have addressed each of these processes to some level; however, you do not want to wait until you have experienced unauthorized access resulting in damage to your IT systems and applications, or the theft or alteration of customer or vendor/partner information, to find out.
This program is intended to mitigate risk and loss from cyber threats via a thorough analysis to uncover technical, physical and administrative weaknesses and vulnerabilities. Once uncovered and prioritized, M2000/IS will develop and implement security countermeasures to remediate those weaknesses and vulnerabilities while at the same time training selected staff in how to deal with those vulnerabilities and their collateral consequences.
Clients may select any one or a combination of these services:
The 6-Phase M2000/IS Process:
- Review existing Policies and Procedures relating to privacy, security and IT.
- Develop Information Security-based Policies and Procedures.
- Develop a Cyber Incident (Crisis) Response Team and a Cyber Incident Response Plan.
- Perform an IT Systems Security Vulnerability Analysis to include Recommend Countermeasures.
- Integrate, Configure and Implement Countermeasures.
- Education and Training: Integrate training content and efforts between Management, IT, Employees, Customers and Vendors/Partners.