Challenges
Solution
The Security Program Gap Assessment encompasses a formal review of the organization’s entire security program and security controls against industry-standard frameworks.
The assessment includes a thorough review of available security policies, procedures, and standards along with a series of security staff interviews to understand the scope and effectiveness of the organization’s security program.
At the conclusion of the assessment the organization is presented with a detailed report of the assessment including selected positive observations and opportunities for improvement. The report also includes actionable recommendations and a roadmap for implementation.
The engagement ends with a formal presentation of the report to the security team along with an opportunity for the team to ask clarifying questions.
Challenges
Solution
The Incident Response Plan Gap Assessment includes a formal review of the organization’s Security Incident Response Plan against the leading industry frameworks from the National Institute of Standards and Technology (NIST) and industry best practices.
The assessment looks for inclusion of the recommended essential elements and evidence of the plan’s effectiveness and continuous improvement.
Upon completion of the assessment, the organization receives a comprehensive report that includes both positive observations and identified areas for improvement. These improvement opportunities are further supported by specific recommendations and a suggested roadmap for implementing those changes. The engagement concludes with a formal presentation of the report to the organization.