Information Systems security and Risk Management

IT systems need to address confidentiality, integrity, availability and conformity requirements.

ROME Conseil offers its expertise in risk management:
- Assessment
- Prevention
- Curative solutions

The assignments of ROME Conseil include:
- Risk assessment:
  - Vulnerability
  - Threats
  - Operational risks mapping
- Operational risk prevention:
  - Training
  - Maturity of the processes
  - Administration of the security rules
  - Change management
- Curative solutions to be implemented:
  - Assessment of impact
  - BCP: Project initiation and management
  - BCP test

ROME Conseil’s methodology is based on references including EBIOS, MARION, MEHARI and ISO 27001/27005. Its consultants hold certifications including CISA, CISM, CISSP, ISO 27001 Lead Auditor and MOR practitioner.


Credential:

Putting in place an IT security organization in a French corporate and investment bank.

Period: since January 2007


ROME Conseil assists its client in the design of the IT security organization: objectives, targeted organization of the IT security, missions of the security team, and organization of the international branches.

The definition of the mission of the security team inside the IT department includes risk management, security norms and best practices, security aspects of the projects, incident alerts and crisis management, security watch, request management and validation, control and reporting.