Company

Technical Security Consulting

Managing Risk

Research & Development

Forensics

Security Management

Media Centre

PCI DSS

• Home
• Overview
• Technical Services
• Secure Architecture
• Secure App. Dev.
• Security Testing
• Forensics

Secure Architecture

The IRM consulting team has provided security architecture review and advice to a wide range of enterprise clients across a broad range of differing environments.

IRM consultants maintain standard security patterns (which can be mapped to standard enterprise architecture views such as the Zachman Framework) and other technical standards which can be customised to meet a variety of client requirements whether building internal systems, customer facing systems, back office IT systems or operational systems such as safety critical or control systems. IRM usually identifies an appropriate set of industry standards such as ISO 17799 or other more industry specific standards against which to align client patterns.

IRM regularly assists clients in designing and validating the designs for new networks and extensions to existing network estates using new technologies.

IRM has extensive experience in supporting the development of security non-functional requirements; the senior consultants are often called upon to help develop functional security requirements in the earlier phases of business analysis and system design. In all requirements development work, IRM consultants will map the desired outcomes of the requirements (critical success factors) to business regulations to ensure the security advice is proportional to the business benefits and the business risks associated with a particular system.

IRM senior consultants also have the experience of integrating custom security patterns into formal enterprise IT delivery functions both at a standards and documentation level as well as through training the existing technical architects and system engineers. IRM consultants are experienced in the use of System Security Engineering Capability Maturity Model (SSE-CMM) in improving client system security delivery.

Typically IRM consultants are engaged in the following activities:

• Security Architect / Advisor
• System Architecture Review
• Security Architecture and Design Process Review

Often the exact nature of these engagements is custom defined to meet client requirements.