Risk management (supported by VeriscanRISK)

Veriscan Riskscenario

• Risk scenarios for management

A risk scenario exercise is a workshop mostly performed together with the management of an organization. Its purpose is to obtain a common view and understanding on where the major information security risks in the business might be.

Often the organization’s internal and external dependencies are mapped, where security in all areas is crucial in order for the business to function. Using bow-tie methodology, we will build scenarios that show WHAT must not occur and HOW they actually could occur.

A risk scenario is often the starting point in an ISMS implementation, but organizations may also find it useful to efficiently obtain a common view and understanding on the prevailing information security risks, for example in a renewed management team.

The end result of a risk scenario workshop is a report containing recommendations on specific suitable actions within the information security area.