Security Architects Partners performs assessments to help clients understand their current security posture and improve their security programs and infrastructures. We deliver assessments in the following formats:

  • Comprehensive Assessments: Cover governance, risk, process, policy, service management, development, technology and more from confidentiality, integrity, and availability perspectives. Identify and prioritize gaps, and provide recommendations for mitigating them. Examples: NIST CSF or ISO assessments.
  • Focused Assessments: Cover one or multiple security domains, from one or more perspectives, using the client’s desired compliance or control frameworks. 
  • Self Assessments: We can tailor and deliver security criteria through which clients can assess the maturity of any security domain in their environment. These criteria are designed for widespread use, to be filled in by functional teams. 
  • Custom or Specialized Assessments: Risk assessments, vendor or service provider assessments, GDPR readiness assessments, and more.

We use a standard set of tools for security program assessments, security domain assessments and some custom or specialized assessments. Where necessary, we work with clients to prepare tailored assessment questionnaires and interview schedules. After conducting a series of interviews and rolling up the results for client review, we generate a draft report, take comments, and provide a final report. For larger, more complex assessments, we can offer onsite assessment workshop delivery, or a combination of online and onsite workshops.