Information Risk Management

Aeritae – your trusted advisor for Information Risk Management

Aeritae believes that Information Risk Management (IRM) programs must respond to rapidly changing business needs.  Aeritae balances best practices and proprietary methodologies developed by experienced risk consultants, each with 10 to 30 years industry experience.

We believe an effective information security program should provide you with:

  • Business enablement
  • Cost effective compliance
  • Information asset protection

We help you achieve these objectives through:

  • Seasoned information security and compliance architects – Our staff includes a dozen top-notch professionals that come from complex IT Organizations.
  • Proprietary methodologies and tools – These provide structure and process to drive efficiencies in client risk programs

Aeritae’s Value Equation –

IP + Experience = Cost Reduction + Enhanced Security

Aeritae has invested in tools and methodologies built by senior risk practitioners. Leveraging this intellectual property, our experienced consultants help clients identify business and compliance risks.  They then develop cost effective solutions to remediate business and compliance risks.

These times of increased compliance requirements and regulatory scrutiny place IRM leaders in a difficult position.  They are often responsible for guiding their companies through a thicket of multiple laws and regulations.  At the same time budgets have tightened while insider and external threats have increased.  To help its clients solve these thorny problems, Aeritae provides a range of solutions from IRM strategy and governance to security testing and audit remediation.  Through all of its solutions Aeritae consultants address both business and regulatory needs for confidentiality, integrity and availability.

Aeritae’s risk services provide offerings in the following areas:

  • Information Risk Management (IRM) Program Services– Including strategy, governance, and policy/standards development
  • Build/Remediation Services – Including security architecture, identity/access management, PCI & HIPAA remediation, and network security
  • Security Operations – Third party risk portfolio management
  • Security Validation – Network & Application Penetration Testing, and Vulnerability Scanning & Analysis
  • Assessment Services – Including Aeritae’s unique series of ISO, PCI, and HIPAA Health Checks, PCI Pre-Audit Validation and a full range of assessments against ISO 27002, HIPAA, FISMA, or client defined standards

Risk-Offerings

Download our Information Risk Management Mission Statement HERE.  And check out our Whitepapers!

Whitepapers -

Developing Information Security Policy and Standards: The Foundation of Information Risk Management

Reducing Risk from a Third Party: A Practical Operational Approach