The objective of the project is to obtain a differentiated view of business applications risk profile according to their Confidentiality, Integrity and Availability, aligned with the costumer's Risk Mgt methodology:
- evaluating the inherent risk of the application from a business perspective;
- assessing separately the financial impact, the regulatory impact and the client impact in case of respectively confidentiality, integrity or availability incident;
- ultimately slotting the applications in one of the 5 buckets of different risk profile.
Assessments will be conducted through workshops with business owners of the applications, business managers, Risk Management and enterprise architects.
This project is key to support the prioritisation for the deployment of the costumer's security initiatives.