Information risk is the foundation of good security:

If you don't know what you have, you can't protect it;

If you don't know what it's worth, you won't protect it the right way.

Risk is the foundation of good information security.  But if you don’t know what information you have -- and what it’s worth - your organization is likely to have an information security program that is not properly aligned to the real risks the enterprise is facing.  Poor risk management doesn’t just mean bad security, it also means difficulty justifying a budget to get the right controls in place.

InterPoint Group works with global enterprises to establish risk-based information security controls implementation, right-sizing their security programs in the process.  From policies, standards and procedures, to strategic security functions such as identity and access management, InterPoint Group helps organizations reduce risk, rationalize security budgets, and maximize the value of security.

Our information risk and security capabilities include:

Enterprise Risk Assessments.  Identification of all criticial enterprise assets and their value, to ensure your organization implements the right security controls -- with a fully justified budget to back it up.

Vulnerability and Threat Assessments. Deep discovery and risk-based analysis of known technical and operational vulnerabilities, and specific recommendations to reduce the risk they represent.

Identity and Access Management.  Comprehensive strategy and implementation of the complete user management lifecycle.

Policy, Standards and Procedures Development.  Seamless integration of enterprise-wide policies, standards and procedures to reduce enterprise risk.

Governance, Risk and Compliance.  Design and implementation of complete and effective programs for integrating regulatory and industry mandates, business operations and risk management activities.

What We Do