Threat Risk Assessment

Solid Security and Compliances' has long believed that security information needs to be presented in a “business context”, one that is comprehensible by senior management and by operations staff. It is often times a recurring problem that information security people do not understand the business being assessed. It is this problem that the Solid Security and Compliances' approach to requirements analysis, concept definition, protection strategy and security planning attempts to address and it is precisely this problem that our proposed resource team intends to eliminate.

​

It is our assessment that the key criteria that ensures the success of this Service is an understanding of client operations and architecture, the implementation of a comprehensive and traceable process for information asset risk analysis, a detailed understanding of potential threats and architecture vulnerabilities, and a comprehensive understanding of incident reporting and assessment infrastructure and guidelines.

​

Our approach includes the identification of information assets (both paper and electronic) and the assessment of their sensitivity in accordance with "injury tests" conducted with respect to four criteria: confidentiality; integrity; availability; and replacement cost.