Security Architects Partners performs assessments to help clients recognize their current security posture, and improve their security programs and infrastructures. We deliver assessments in the following formats.
- Full Security Program Assessments: A comprehensive assessment of over 20 security domains in an organization. The full assessment covers governance, risk, process, policy, service management, development, technology and more. It identifies gaps, prioritizes them, and provides recommendations for mitigating the gaps.
- Rapid Security Domain Assessments: Covers a portion of the security program (typically 5 or fewer related domains). It captures the critical points of analysis for the domains in scope to identify gaps and recommendations.
- Deep Security Domain Assessments: A comprehensive, in-depth analysis of gaps and more detailed recommendations for security domains spanning a portion of the security program (e.g. cloud security, identity management, cybersecurity and others).
- Custom or Specialized Assessments: Risk assessments, vendor assessments, cloud service provider assessments, project validation and other types of assessments.
We have a standard set of tools we use for security program assessments, security domain assessments and some custom or specialized assessments. Where necessary we work with clients to prepare tailored assessment questionnaires and interview schedules. After conducting a series of interviews and rolling up the results for client review, we generate a draft report, take comments, and provide a final report. For larger, more complex assessments, we can offer onsite assessment workshop delivery, or a combination of online and onsite workshops.