Introduction
Some of IRM's sizeable clients have not yet had the opportunity to review the security of their enterprise in totality. But with changing business environments they are now interested in a more complete approach to the security of their enterprise.
IRM has previously completed large-scale, detailed security reviews and recommends a programme-based approach. A programme-based approach allows IRM to perform the work in discreet modules delivered within a common framework; this ensures that the review can take place with minimal impact on the day-to-day operations of an organisation. It also allows IRM to deliver a flexible scope and yet retain consistency and quality across all deliverables.
There are six main phases that constitute a successful information security programme including:
- Framework Establishment
- Identification
- Baseline
- Gap Analysis
- Remedial Planning
- Remediation
However, IRM recognises that not all clients have a similar approach to enterprise security and as such are able to perform individual phases or actions of a security programme on more specific areas of the client enterprise, tailoring the service to the client's needs.
