The ISF’s Information Risk Assessment Methodology 2 (IRAM2) is a globally recognised approach that enables risk practitioners to perform end-to-end business focused information risk assessment in a way that supports engagement with business stakeholders.

Our consultants will help your organisation realise the full potential of IRAM2 by:

  • defining a risk appetite and supporting resources (for example, a Business Impact Reference Table) to reflect the risk posture of your management and nature of your business
  • Identifying your threat profile to highlight threat actors, threat attributes and threat events that are relevant to your organisation.
  • Assessing existing vulnerabilities
  • Helping you to develop pragmatic risk treatment plans.

ISF consultants can either train your own staff to perform IRAM2 risk assessments, undertake full risk assessments for you, or deliver a combination of these approaches.

Case Study:

ISF Consultants helped a large organisation from the Oil and Gas sector to carry out the Scoping, Business Impact Assessment, Threat Profiling and Vulnerability Assessment phrases of IRAM2 risk assessment methodology, culminating in a comprehensive plan to mitigate risk to a critical business system.

Executive Summary

Information Risk Assessment (IRAM2)

Please fill out the form below to download a complimentary Executive Summary.

Please provide your details to download this document:

Please check this box to confirm that you have read and agree with our Privacy Policy and Terms Of Use

By downloading this document you agree to being contacted by the ISF.

Please enter the email address you previously registered with to access the download: