INFORMATION RISK MANAGEMENT

Jerakano can design and implement a tailored information risk management methodology for your organisation - supported by seasoned, independent advice on the most suitable tools to help you assess information risks; determine your level of compliance with international security-related standards (such as ISO 27001, ISF SOGP or NIST Cybersecurity Framework); and monitor the effectiveness of your information security arrangements.

RISK FRAMEWORK

Jerakano has developed an architectural framework for information risk management, AFFIRM, which enables the design and development of a tailored approach to information risk management that will meet the needs of your organisation. The core components of AFFIRM comprise:

  • Assets to be protected (e.g. people, information, devices, business applications and technical infrastructure)
  • Risks, including threats, vulnerabilities and security-related incidents
  • Controls (e.g. strength and level of implementation) and actions required to reduce risks


AFFIRM supports virtually any information risk management approach (e.g. ISO 27001, FAIR and IRAM2) or Governance, Risk and Compliance (GRC) solution, rather than replacing them.

GRC IMPLEMENTATION SUPPORT

Jerakano can produce a requirements specification for a GRC solution, facilitating the selection and implementation of an appropriate GRC tool. We can also help you implement any GRC tool, offering truly impartial advice. Jerakano is a Certified Partner for Acuity STREAM.

We will also help you produce a requirements specification, facilitate the procurement process, and select and implement an appropriate Governance, Risk and Compliance (GRC) solution, as required. Jerakano can help you implement any GRC tool, offering truly impartial advice, but is proud to already be a Certified Partner for Acuity STREAM.