Security Accreditation Support / Evaluation of Risk – Assessment Management and Implementation
Security Accreditation is the action of forming an informed judgement that the INFOSEC risk in the operation of a system is manageable and within organisational risk tolerance. This decision is one that should be discharged implicitly or explicitly for all systems.
PO Consulting can assist with such decisions according to our values. We can either discharge decisions directly according to delegated risk authority or we can support such decisions indirectly depending on client wishes.
These decisions and support are always predicated by a risk assessment supported by an agreed, realistic risk management approach. Depending on client requirements, we can offer enduring accreditation approach through life of the system up to and including system disposal. This includes high value architectural validation consultancy which can be used to validate architectures in the context of business need and risk landscape.