Apart from being a compliance requirement for 27001, it provides a detailed view on existing threats, vulnerabilities and provides rating of risk impact on the organization. A mitigation report defines the action and controls recommended to either minimize the impact of a given risk or mitigate it. A risk assessment service is a detailed process and it involves using Versos subject matter expert to design assessment questionnaire, conduct the interviews, analyze findings and provide mitigation controls. Versos regularly updated threat/control database allow our consultant to prepare the questionnaire in timely manner and benefit from a deep understanding of each sector threats and vulnerabilities thus guarantees that the output is industry specific, on time and within project budgets.

Each industry and sector have specific risks and interrupts various vulnerabilities differently from each other, therefore Versos have been the vendor of choice for many regional clients to conduct risk assessment due to its in-depth knowledge of industry best-practices, latest threats and vulnerabilities and staff expertise.

With Versos complete offering of Risk Management services, risk assessment can be customized on high-level and focused on specific set of business need or detailed risk assessment where the involvement of the entire service offering can be packaged and implemented. Again, based on the customer objectives our consultant can engaged in a pre-assessment session to scope the risk assessment and advice whether a detailed or high-level risk assessment is needed.

Versos risk assessment methodology is designed to effectively, efficiently and properly identify risks and achieve assessment objectives. The methodology balances between qualitative and quantitative risk assessment approach and is structure as follow steps:

• Step 1: Asset Identification
• Step 2: Business Impact Analysis
• Step 3: Threat Likelihood determination
• Step 4: Risk Determination