What does IRM mean for suppliers to government?

Information Risk Management (IRM) is the process of identifying, understanding and managing the risks to your information within the context of your organisation’s business needs. But what does it mean for you and your business if you supply products and services to HM Government?

1. IRM means you get a strategic view

Tackling information risk needs strategic thinking and a broad view. Your information assets are many and varied –from confidential company information to intimate staff details and sensitive government information. IRM helps you identify your most important assets and the threats and vulnerabilities you face as a consequence of doing business. It also helps you to assess the impacts on your business and to decide if you can live with the resultant risk? If you cannot, then take action to reduce the risk.

2. Information risk means a strategic decision

Without this broad view, strategic direction is difficult. As with all other forms of business risk, a top-down, holistic view is required with IRM. A strategy for managing information risk will help develop a positive approach that will balance risks with business opportunities.

3. IRM means you can put the risk in context

Information risk is a living agenda item, not a “once-and-done” task. The context changes as your business grows and risks change too. Smart IRM ensures that your response to the risk reflects each change. If you put the risk into context you’ll get the level of security that’s right for your business at that time: not too much, not too little. It’s a lean, efficient approach to risk mitigation and long-term control.

4. IRM is more than a tick-box exercise

IRM goes further than a security standard. Achieving an information security standard is a very positive step but if it’s only a tick-box exercise, it will not necessarily protect you sufficiently or deliver the value you desire. IRM makes sure you are tackling the real issues on a continual basis, not just window-dressing.

Combine achieving relevant information security standards with effective Information Risk Management if you want adequate protection now and in the future.

5. IRM enables a balanced and flexible approach

IRM enables you to focus and target investment – it isn’t all critical. This focused approach brings efficiencies that can save you money.

IRM means that all information is identified, valued and appropriate controls put in place to protect it in the context of the business requirements. When it comes to looking at BYOD or the Cloud it allows for flexibility where required.

Protect what needs to be protected. Understand the value of your information, understand the risks and put appropriate controls in place.

Take action

Embrace Information Risk Management within your business. A balanced IRM approach will help you to reduce the risks to the government information you hold and deliver wider business benefits managing the risks to your own information. Looking at both will deliver cost efficiencies and strengthen your business across the board.

Article by Dave James, MD of Ascentor.

Written by


Receive the latest Cyber Security News and Content

Fields marked with an * are required


Ascentor Ltd is committed to protecting and respecting your privacy, and we'll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

You can unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow Ascentor Ltd to store and process the personal information submitted above to provide you the content requested.

Green Bird - White top right

Contact Us

Your cyber security challenges and our pragmatic approach – we could be the perfect fit.
Contact the team at Ascentor for an informal chat.

Get in Touch