<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcs8krshw00000cpvecvkz0uc_4g4q/njs.gif?dcsuri=/index.php/c/a/Business-Intelligence/Symantec-Moves-into-Risk-Consulting&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.baselinemag.com&amp;WT.qs_dlk=XTSEbuFzFCbiOLZSZJQe8wAAAAg&amp;">

Symantec Moves into Risk Consulting

By Brian Prince  |  Posted 2007-06-14 Print this article Print

The company's new consulting service offers to help business execs prioritize and implement risk management projects.

Symantec is offering a new consulting service that will assess customers' IT risks and offer advice on plugging the gaps it identifies.

Called Symantec Foundation IT Risk Assessment, the service identifies, categorizes and prioritizes current IT risks so organizations can invest in projects that manage risk, cost and performance more effectively.

The service also includes workshops and interviews with employees, and measures the maturity of an organization's IT risk management policies in comparison with industry standards such as ITIL (Information Technology Infrastructure Library) and BS17799, said Darren Thomson, senior director of IT risk management at Symantec, based in Cupertino, Calif.

"It's impossible to prioritize and therefore budget effectively for risk management projects if you don't have a complete picture," Thomson said.

Symantec unveils a "do-it-all" data risk management suite. Click here to read more.

Symantec Consulting also uses the Symantec INFORM (Information Assurance Risk Model) tool to gather data from clients and generate gap analyses and solution recommendation reports. The INFORM program is a set of vendor-neutral tools, based on Symantec's peer benchmarking platform made up of more than 800 customer surveys on IT risk management, Symantec officials said.

The service culminates with a full report that includes an executive summary of the organization's IT risk posture as well as recommendations for remediation.

"The Foundation IT Risk Assessment really allows us to engage with a client to help them to take that first step so they are able to build a very comprehensive view of the IT risks that exist in their organization," Thomson said.

While there are many other companies that perform risk assessments, Jon Oltsik, an analyst at Enterprise Strategy Group, said Symantec's service distinguishes itself from some consulting services because it focuses on multiple areas.

"It's a real good, focused scorecard on where you stand and what you need to do," Oltsik said.

The list price of the service is roughly $50,000.

Check out eWEEK.com's Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK's Security Watch blog.

eWeek eWeek

Have the latest technology news and resources emailed to you everyday.