Risk Analysis

Depending on its size and its security needs, organisations must react in the most appropriate manner. Adopting good practices, taking the necessary measures and adjusting them proportionally: all this is part of the process to ensure information security. Most of all, it depends on performing a risk analysis on a regular basis.

MONARC Method

NC3 has developed an optimised analysis method (MONARC) to produce a comprehensive risk report, with suggested solutions. This method:

• thoroughly evaluates the risks involved
• determines their level of criticality
• describes the possible consequences for your organisation. It is based on CASES expertise and regularly updated prior knowledge of the business processes used within your professional organisation.

Method summary:

Context establishment

• Risk Analysis Context
• Trends Evaluation
• Threat Assessment
• Synthesis of the trends and threats assessment
• Context of the risk management
• Definition of assessment criteria, acceptance and impact

Context modelling

• Identification of assets, vulnerabilities and impact appreciation
• Synthesis of assets / impacts

Risk assessment and treatment

• Estimation, evaluation and risk treatment
• Management of plan for risk treatment

Implementation and monitoring

• Management of the implementation plan for risk treatment

Go further:

• MONARC
• Risk Management