Citicus : Our services

Our software

Why managing information risk is important

How Citicus ONE works

What makes Citicus ONE so special?

Software capabilities

Product availability

Platform requirements

Request a demonstration

Customer case studies

Services

Citicus provides a range of services to help organizations implement a risk management process through our Citicus ONE product. Some of these services are also available from our Implementation partners.

The services we can offer customers are described below and include:

Citicus ONE hosted service
Training
Citicus-assisted trials
Risk management services

Citicus ONE hosted service	Our Citicus ONE software is available as a hosted service, providing an alternative to an in-house installation. This offers a very flexible approach that allows you to get started immediately without having to set up the infrastructure to support the application internally. Hosted implementations can be migrated to in-house installations subsequently if required. Our hosted service is used by organizations with the most stringent security requirements and has been subjected to thorough independent review. For more details of our hosted service, please contact us
Back to top
Training	Our highly-rated 2-3 day training courses are designed to provide: a solid understanding of the business rationale for managing information risk, and the key concepts and statistics that underlie the risk management approach implemented by Citicus ONE (including the ISF’s FIRM methodology) first-hand experience with using Citicus ONE’s core capabilities realistic insights into the benefits of managing information risk using Citicus ONE and the resources need for doing so, based on extensive experience elsewhere an opportunity to discuss implementation issues face-to-face with the chief architects of the FIRM methodology / Citicus ONE. Individualized courses are normally delivered as a 3-day event for a particular customer, held on their premises. A typical course programme is outlined below. Day one - the FIRM methodology, its statistical background and its automation and enhancement through Citicus ONE Day two – hands-on training in our Citicus ONE software Day three – a ‘live’ half-day risk assessment of an operational information system through a facilitated workshop followed by a session on risk remediation action planning ‘Public’ courses are held for people who wish to learn about what’s involved in implementing FIRM on an enterprise-scale using Citicus ONE, before making a commitment to implementing the methodology. These are delivered as 2-day events with 6-30 participants, typically drawn from more than one organization. A typical course programme is outlined below. Day one - the FIRM methodology, its statistical background and its automation and enhancement through Citicus ONE Day two – deploying the methodology in your organization (gaining support, tailoring the approach, developing an implementation plan) The 2004/5 series of FIRM/Citicus ONE training starts in Miami, USA on 7th-8th October 2004. Places are limited but are currently available. Further 2-day events are being scheduled for: London, England Stockholm, Sweden Amsterdam, Netherlands Dublin, Ireland Johannesburg, South Africa Chicago, USA Prices will be determined by the final number of attendees and location. For planning purposes allow £600 per person per day. Please contact us directly if you would like to book a place on one of these courses, or require more details of our training services.
Back to top
Citicus-assisted trials	We can support you in a pilot of the FIRM methodology using Citicus ONE. This typically involves Citicus-led workshops to conduct risk assessments for a small number of business critical information systems to provide a ‘proof of concept’ of the approach. A pilot can employ an installation of Citicus ONE on your organization’s intranet or our own hosted service. For more details of our assisted trials, please contact us.
Back to top
Risk management services	We can provide qualified staff to plan, support or run your information risk management process. Examples of the services we can provide include: Provision of consultancy and project management for establishing an information risk management process based on Citicus ONE within your organization. This can involve anything from advice on the best approach to implementing Citicus ONE within your organization to the provision of a full project office to drive it’s implementation on your behalf. Risk workshop facilitation. We can provide external resources to facilitate risk assessment workshops for your critical information systems. This can be used to supplement your own staff or to assist in the transfer of skills to your information security personnel. Development of a ‘harm reference table’ that matches your organization’s business activities and risk appetite. This will typically involve assisting you with interviewing top management to collate and distil their opinions on risk and representing this in the unique Citicus ONE Harm reference table. Mapping your standards of practice onto the control areas used by FIRM. This will involve helping you to integrate the FIRM risk management process with your existing security standards, whether these are based on ISO17799/BS7799, ISF Standard of Good Practice, COBIT or a set of internally-developed standards. For more details of our consulting services, please contact us.
Back to top


	Home \| Our software \| Services \| Resources \| News/events \| Customers \| Partners \| Company \| Contact us \| Privacy policy \| © 2008 Citicus Ltd