Introduction to the CRIF Framework


Risk managers, information security practitioners, and continuity specialists all have an appreciation of data assets and their ‘currency’ to the business.  However these approaches are sometimes operated in silos and only converged by the business when there is a need for attaining compliance or for responding to an incident.  

What the approach below, outlined by the Cyber Risk & Insurance Forum (CRIF), aims to demonstrate is that the risk management domain is intrinsically linked to the successful identification, quantification, management and transfer of cyber risk to cyber insurance.
CRIF have a view that each organisation, regardless of size, should know how to identify their business risks and our model focuses on ‘what you do today’ and drives the outcomes for ‘what you should do tomorrow’.

Cyber Risk and Privcy Framework - Cyber Risk and Insurance Forum

The ability to manage an effective response, with the right resources is vital to effectively controlling and managing your IT activities across Cyberspace. 

A balanced approach, recognizing the needs you may have for additional and specialist skills and resources enables swift and focused response and the ability to minimize the overall impact of an incident.

For more information on how to the framework can be applied please contact us directly

Find out more about each phase of the CRIF Cyber Risk & Privacy Framework >>>