Skip to main content

Know your IT threats and reduce risks: with our Security Risk Treatment services

Information, IT systems and application processes are subject to complex threats. Knowing these and using them to determine the specific risks for the individual situation is essential. We support you with our Security Risk Treatment services.

A comprehensive and customized threat analysis is the key to deriving concrete IT, operational and business risks and identifying the necessary measures. With its methodical Security Risk Treatment services, RUAG ICT Consulting will help you to establish adequate protection for your information and its processing.


Comprehensive and customized

Our Security Risk Treatment services enable the customized determination of individual threat scenarios.

Risk-reducing measures

Our activities form the basis for risk-reducing measures to improve information security.

Access to comparison projects

By utilizing comparison projects with concrete analyses, we can assess threats and risks and recommend measures.

We offer the following services to support you in the area of Security Risk Treatment:

  • Collection of the involved components on systemic, process-related, organizational level (1)
  • Determination of the threat scenarios along the attack chain (2)
  • Threat assessment against requirements, processes and information (3)
  • Carrying out business and system impact analyses
  • Drafting and design of risk situation pictures and landscapes
  • Evaluation of necessary measures for risk reduction
  • Creation of a risk and residual risk report, including visualization


  1. e.g. system documentation, use cases and processes
  2. e.g. attack vectors, attack surfaces, criticality and plausibility
  3. e.g. security specifications, business processes, operational processes, information security and data protection


Martin Krähenbühl
Manager ICT Consulting
Stauffacherstrasse 65
3000 Bern 22