Company Services Training Resources Contact

Enterprise Security Assessments

Security assessments are intended to give an organization expert feedback on the strengths and weaknesses of their current information security program. In some cases, a security assessment also identifies how well the information security program meets regulatory (e.g. FFIEC) or standards-based (e.g. ISO 17799) criterion.

The Security PS Strategy Methodology™ allows us to offer several different types of security assessments to best meet the needs of our clients. Assessments provide feedback ranging from a very high-level report on compliance with essential security practices to a detailed report examining dozens of security practices and potential technical vulnerabilities.

Choosing the right assessment and project components ensures that you get the most value from your investment.

Basic Security Assessment

The Basic Security Assessment is targeted at organizations with a minimal Internet presence, small IT infrastructure, and young information security program. This assessment aims to provide the client with a quick gap analysis of their information security strengths and weaknesses. Our recommendations direct the organization's improvement efforts on the areas of greatest need.

Security PS produces a single security assessment document that includes an executive summary and the assessment findings combined with our recommendations for remediation. Basic security assessments include a project kickoff meeting, weekly written status reports, and an executive closeout meeting.

Standard Security Assessment

The Standard Security Assessment aims to meet the needs of medium sized organizations that may have experienced a security assessment in the past and have outgrown the basic reporting. These organizations are committed to further reducing business risk and need information security practices examined in greater detail.

Security PS produces a single security assessment document that includes an executive summary, a security program scorecard, and the assessment findings combined with our recommendations for remediation. Standard Security Assessments include a project kickoff meeting, weekly written status reports, a technical closeout meeting, and an executive closeout meeting.

Premium Security Assessment

The Premium Security Assessment is the choice of medium or large sized organizations that must make serious commitments to information security. These organizations face greater risk and therefore demand greater expertise and reporting during assessments.

Security PS produces a single security assessment document that includes an executive summary, a security program scorecard, and the assessment findings combined with our recommendations for remediation. Specific attention is called to both security practice successes and challenges in order to give the organization an accurate picture of the information security program status. Practice risks and technical vulnerabilities are also documented in a separate spreadsheet for remediation purposes.

Premium security assessments include a project kickoff meeting, weekly written status reports, a technical closeout meeting, and an executive closeout meeting.

Click here to learn more about enterprise security assessments and how Security PS can assist with reducing your security risk and help you achieve short and long term security goals.

 

 
 
© Security Professional Services, Inc. All Rights Reserved | Legal & Privacy Statement