Symantec has launched a risk assessment service that it claims is the first to consider the four major categories of IT risk holistically.
The need to consider threats to security, compliance, availability and performance together rather than separately was a major message from Symantec at its user conference in Las Vegas, Nevada.
If the service is new, does that mean that Symantec has only just started to follow its own advice? The answer is not entirely clear.
Symantec's consulting practice director, Darren Thomson, acknowledged that before the company began the pilot of the Foundation IT Risk Assessment service, it had been offering risk assessments to customers "in each of those discrete areas [of availability, performance, security and compliance.]"
"But we were giving advice to people in those spaces expecting them to develop the holistic view. Customers have been asking us to help develop that view," Thomson said.
The service involves two consultants, and involves three weeks of investigation, assessment and reporting on customers' IT risks, at a list price of $50 000.
As for any vendor offering consultancy services, Symantec will inevitably generate some skepticism that the risk assessment doubles as a sales tool.
Thomson said that the assessment reports and presentations to customers make no reference to any specific products. "The consultants could not even answer product questions if you asked them," Thomson said.
Symantec said it has already sold a pilot version of the service to some dozens of customers.