IT risk management
Risk management is the process of implementing and maintaining appropriate management controls including policies, procedures and practices to reduce the effects of risk to an acceptable level. The principles of risk management can be directed both to limiting adverse outcomes and achieving desirable ones. The process involves identifying, analyzing, assessing, treating and monitoring risk in all areas of Company operations and business.
IT risk management should be incorporated into all decisions in day-to-day operations and, if used effectively, can be a tool for managing information proactively rather than reactively.
IT risk management helps minimize the business risks of information disclosure, service unavailability, or modification of information assets. Current international and Russian risk management methodologies and tools are difficult to use in large enterprises. Also, the results of such tools can rarely convince top management to approve additional information security spending.
We took these shortcomings into consideration while developing our own risk management solution, which is based on the Carnegie Mellon University guidelines “Managing Information Security Risks: The OCTAVE Approach” and the only international risk management standard, “AS/NZS 4360:1999”.











