Most cyber attacks are caused by compromised accounts. Identification and risk assessment related to identity and access management is fundamental when protecting the company against such critical incidents. In collaboration with ORS Consulting, a specialist provider of risk management advisory services, we offer a risk assessment of your company's identity and access management routines.
Risk assessment of the company's identity and access management
Cloudworks and ORS Consulting * have entered into a collaboration to be able to offer a risk assessment of identity and access management for companies in all industries. The risk assessment is an integral part of information security, and provides input to business-critical strategy processes regardless of the company's size and complexity.
The risk assessment is also included as part of the processes of complying with regulations. For example, GDPR 32 for handling sensitive personal data, or as an integral part of ISO 27001 activities.
The risk assessment includes the following main steps:
- Preparation of an overview of:
- Business-critical IT systems and / or those that contain information classified as confidential
- User groups and roles
- JML processes (Joiner, Mover, Leaver)
- Workshop with key people
- A guideword-based methodology will identify threats, evaluate consequences, identify measures and assess risk
- Establish an overview of:
- The most critical threats and risks
- Define specific measures and actions to reduce the risk to an acceptable level, as well as ensure that regulations are complied with and that the measures can adapt to rapid digitization.
*ORS Consulting is a leading Scandinavian consulting firm in industrial risk management with operations in Norway, Sweden and Denmark. They assist organizations with risk analysis and measures against various dangers, including so-called black swans, with the aim of preventing accidents and contributing to increased value creation.