Risk Assessment (ISO 31000)

In order to help organizations define and implement a strategy of Analysis and Risk Assessment various methodologies have been created in recent years which propose  structured and systematic methods to identify, assess and manage risks.

These methodologies allow undertake these tasks by providing recommendations and best practices whose effectiveness is established by experience, so that organizations can adapt and apply to their own idiosyncrasies.

Risk Assessment is the core of the Government and the Organization Management and its correct application determines the validity and usefulness of the whole project, so it is necessary to put special emphasis on this phase.

There are different methodologies that propose systematic and structured methods to identify, assess and manage risks, ISO / IEC 31000, MAGERIT v3.0, ISO / IEC 27005 but generally the objectives are:

  • Get a model of the value of the system, identifying and evaluating relevant assets.
  • Get a map of risks in the system, identifying and assessing threats to those assets.
  • Have knowledge of the current situation of security controls.
  • Evaluate the potential impact on the system, both the potential impact and the residual impact.
  • Show to address the areas of greatest impact and / or risk.


  • Reduce service time
  • Ensure the operational continuity of the organization, properly handling critical threats and risks
  • Maintain a protection strategy and risk reduction
  • Continuous improvement of information security
  • Minimize the impact with cost reduction which  includes loss of money, time and labor

Contact us

I Accept the privacy clause.

Últimas noticias

Cyberattack affects the electrical system of a country

Last week there was a cyberattack that paralyzed the Electricity Authority of Israel. This was caused by a malware that was introduced via phishing...
Leer más

Safe Harbor: From the Safe Harbor Privacy Shield

It seems that finally begins to see the light at the end of the tunnel. The European Commission has published an information note on progress in...
Leer más

Android threat

Cybercriminals act in many ways one of them is through false applications, you provide your data to these hackers. A security company has discovered...
Leer más