ProTegus Risk Management (RiskMGMT)

ProTegus Risk Management (RiskMGMT) services address the continual process of identifying, assessing, and monitoring management, operations, and technical controls to minimize risk.  Our practical approach follows industry best practices to identify, address, and mitigate vulnerabilities, threats, and risks affecting our customer’s critical environment, including major applications, general support systems, resources, and data.

Our RiskMGMT engineers perform comprehensive security assessments and evaluations of the IT infrastructure, as well as recommended corrective actions and appropriate enhancements to strengthen the security posture of the system and the organization.  A typical assessment includes the following activities:

• • Discovery and Evaluation:
    • • Expose potential IT security vulnerabilities.
    • • Evaluate the security posture of the IT environment.
    • • Plan and prioritize remediation efforts; and create a consistent, comparable, and repeatable system-level assessment of IT resources.

• • Implementation and Remediation:
    • • Execute all agreed-upon identified recommendations and procedures.
    • • Deploy state-of-the-practice security hardware and software at critical network nodes.
    • • Establish a security baseline across the IT infrastructure.
    • • Streamline and re-engineer the core security architecture and implement computer security measures to protect resources and data.
    • • Create an enterprise-wide security policy encompassing every workstation, server, and network device.

• • Continuous Monitoring:
    • • Conduct operational support of the deployed and implemented solutions. The ultimate objective is to provide our customer with a secure IT environment comprised of the hardware and software tools necessary for administering, monitoring, and enhancing existing major applications and general support systems.

Our practical approach and experience in risk management includes the following key activities:

• • Informed Expertise: Collecting and analyzing security requirements, regulations, industry standards and best practices.

• • Certification and Accreditation: Comprehensive assessment of the technical and nontechnical security features and other safeguards of Major Applications and General Support Systems.

• • Establishment of Security Policies and Procedures.

• • Independent Verification and Validation.

• • Contingency Planning and Disaster Recover preparation.

• • Security Testing and Evaluation (ST&E).

Connect with ProTegus RiskMGMT engineering staff to learn more about our experiences and what we can do for you. RiskMGMT@ProTegus.com