Serious risk. Serious innovation.

Picture of Threat and Risk Assessment & Security Assessment & Auhorization Lead

Practice Lead

Peter English

For over 15 years Mr. English has worked with public and private sector clients to develop policy, assess legislative and regulatory compliance, perform privacy and security assessments, and more. Through this broad experience Mr. English can provide risk management services which secure and empower business.

Security // threat & risk assessment and security assessment & authorization

Threat and Risk Assessments

A Threat and Risk Assessment (TRA) is a process for managing the risks by validating existing safeguards, supplementing these safeguards when necessary, and eliminating unnecessary safeguards.

So, whether you are adding new applications or systems to your environment, making modifications to your existing environment, or sharing information with new partners, a TRA will determine the risks to your business and provide strategies to mitigate those risks.

Benefits of a TRM TRA:

  • With over 20 years of experience providing TRAs to public and private sector clients, TRM can tailor a TRA to meet client needs
  • Annual updates to existing TRAs serve to protect your business in a landscape of continually evolving threats and risks.
  • Marketable to stakeholders as evidence of adhering to Industry Best Practices
  • Demonstrates Policy, Legislative and Regulatory compliance
  • Through the elimination of unnecessary safeguards a TRA can provide a Cost Reduction

Security Assessment and authorization

The Communications Security Establishment of Canada (CSE) has created a new model for risk analysis by moving away from the traditional Certification & Accreditation (C&A) approach to a Security Assessment & Authorization (SA&A) model: a more real-time, dynamic view of risk.

Many organizations understand the security of their information systems but don't have the extra resources necessary to analyze, review, and document their systems for SA&A. Whether you require assistance in setting up an SA&A program or enhancing an established program, TRM will work with your existing staff to help you accomplish your SA&A objectives.

TRM supports all aspects of the SA&A model and brings unique methodologies to each engagement, helping organizations assess their systems' security posture and make appropriate authorization decisions. TRM supports public and private sector implementation of the SA&A model by providing these key services:

  • Threat Modeling
  • Security Requirements Analysis
  • Security Architecture and Design Review
  • Application Security Code Reviews & Penetration Testing
  • Social Engineering & Enterprise Security Program Assessments

Please contact us if you would like more information on tra & SaA options that TRM provide.

Key Services

Threat Modeling

Security Requirements Analysis

Security Architechture and Design Review

Application Security Code Reviews & Penetration Testing

Social Engineering & Enterprise Security Program Assessments

Whether your agency requires assistance in setting up an SA&A program, enhancing the program you have already established, certifying new information systems, or validating new SA&A packages, TRM can help you achieve success.

Find a job or contract opportunity

TRM leverages over 20 years of staffing and IT services delivery in supporting all our practices and our clients HR staffing needs.



K1P 5G8

T: 613-722-8843
F: 613-722-8574