Enterprise Information Security Architects

Enterprise Risk and Security Assessments * Business Continuity Assessments (BIA)

Vendor and Supply Chain Security Assessments * Strategic Road Maps and Tactical Planning
Enterprise Security Architects
  • Strategic Roadmaps
  • Risk, Privacy, and Security Assessments
  • Business Continuity Assessments (BIA)
  • Vendor Supply Chain Assessments

Enterprise Security Assessment
Our Enterprise Security Assessment provides an organization's leadership with a comprehensive view of the it's security posture and risk profile, and establish key performance indicators for analyzing the Confidentiality, Integrity, and Availability of sensitive data and protected systems.

Our team of security architects and consultants use a multi-phase approach to:
  • Collaborate with leadership and key stakeholders to establish Key Performance Indicators best fitting the organization's industry sector, regulatory requirement, and business services.
  • Establish the current security posture and risk profile of the organization.
  • Determine the organization's desired state incorporating it's "risk appetite".
  • Analyze the GAP between the current and desired state.
  • Prepare a strategic road map and tactical plan including budgets for capX, opX, internal, and external labor.

Establish Framework and KPIs

NIST 800-53 r4

Establish security posture and risk profile

Assess management practices, operational processes, and information technology

Employs trust but verify workshops and interviews to gather data

Determine current maturity level

Current State Analysis

East-to-read report card and maturity scale in a dashboard view.

Formatted specifically for leadership and non-technical individuals.

Five-Point scale establishes maturity of the program by analyzing KPIs specific to your business. 

In-depth section for business associates and 3rd parties.

Desired State Analysis

Develop the Desired State collaborating with leadership and the key stakeholders to understand and align business and security goals.

Evaluate vulnerabilities and threats, conduct qualitative and quantitative risk analysis to understanding risk reduction opportunities and residual risk implications. 

Develop the Desired State of the Enterprise Security Architecture.

Gap Analysis and Budgets

Gap analysis to identify individual projects necessary to develop or improve management programs, governance, operations process and information technologies 

Multi-year budgets to help leadership understand, justify, and plan for capital and operation cost, as well as external and internal human capital requirements.

Risk Road Map

Risk Reduction road map to provide leadership and non-technical interested party with a simple view of necessary projects

Identifies the potential for risk reduction and cost of sustaining an Enterprise Security Framework.