Skip over navigation
Ultima Risk Management Logo linking to homepage
  • Contact us
  • Site map
  • Home
  • Consultancy
    • Introduction
    • Information Security (ISO 27001)
    • Business Continuity Management (BS 25999)
    • PCI DSS
    • IT Service Management (ITIL & ISO 20000)
    • Data Protection
    • Information Risk Management
    • Software Asset Management
    • Polices & Procedures
  • Training
    • Training Courses
    • CISMP - ISEB Certificate in Information Security Management Principles
    • PCBCM - ISEB Practitioner Certificate in Business Continuity Management
    • PCIRM - ISEB Practitioner Certificate in Information Risk Management
    • SAM - ISEB Certificate in Software Asset Management Essentials
    • PCSAM - ISEB Practitioner Certificate in Software Asset Management
    • BCM - BCI Understanding BCM Principles and Good Practice
    • All other courses
    • Training Schedule
  • Products
    • ISO 27001 Risk Assessment Tool
    • BS 25999 Risk Assessment Tool
  • Events
    • BS 25999 Implementation Seminar
  • Case Studies
    • Audatex - Global first Dual certification
  • About us
    • Company Profile
    • URM's Partners
    • How to contact us
Home / Consulting / Information Risk Management
getting the balance right
Getting the Balance Right

Information Risk Management Consultancy

Risk assessment is the only way for senior managers to ensure that controls are cost effective and appropriate.

Risk Management involves evaluating threats and assessing potential impacts (losses) so that measures can be identified and implemented to safeguard important business assets and thus avoid losses.

The success parameters of modern organisations have raised the stakes for implementing a process of information risk assessment. These include the need to comply with legislation and regulation (such as the Data Protection Act, Combined Code and the Sarbanes-Oxley Act (SOX)), as well as protecting its market reputation, providing fast and accurate information and generally putting itself in a position to exploit the Internet and emerging technologies.

The implementation of formal information risk assessment will ensure that senior management, as an organisation's risk takers, are provided with credible, timely and quantifiable intelligence about the actual risks, as opposed to perceived ones, which they face. They can then determine more precisely their security budget and where it should be targeted.

URM's consultancy team is highly experienced with each consultant having over 10 years' experience in information security risk management and audit. This experience has been gained across a wide range of private and public market sectors. URM's consultants understand not only the technologies and risks, but also the business imperative - which is vital when conducting risk assessments and when presenting the results.

URM has developed a highly pragmatic risk assessment methodology that is business-focussed and produces high quality intelligence from which an organisation's risk takers can make balanced and informed decisions. The methodology can be used in any context including certification to ISO 27001 and compliance with SOX regulations. Unlike some of the more rigid 'take it or leave it' risk assessment tools, URM's approach is completely flexible and can be modified to meet the specific requirements of an organisation.

  • Introduction
  • Information Security (ISO 27001)
  • Business Continuity Management (BS 25999)
  • PCI DSS
  • IT Service Management (ITIL & ISO 20000)
  • Data Protection
  • Information Risk Management
  • URM's approach to Information Risk Management
  • Software Asset Management
  • Polices & Procedures

Copyright © Ultima Risk Management, 2008. All Rights Reserved.

contact us | careers | terms of use | privacy | site map