Herjavec Group works with organizations to perform an independent, high-level assessment of their corporate security posture in order to understand their existing information security technology and business process controls.
During the Current State Review, Herjavec Group employs a risk-based approach, The Three Sphere of Influence Security Assessment, to assess the current security framework and security posture of the organization.
The Three Spheres of Influence approach assesses your organization’s security framework and security posture by reviewing:
- Security Architecture
- Preventative Controls
- Detective Controls
The Three Spheres of Influence Security Assessment approach is fashioned after control frameworks found in ISO, Cobit, and NIST. Herjavec Group begins the information gathering process by interviewing select individuals and by reviewing appropriate documentation. We bring decades of assessment experience and a keen understanding of the specific technologies deployed in the customer’s environment. Throughout the review we develop an understanding of the organization’s information security management configuration, including information security responsibilities, security governance, security policies, security controls, security operations, security monitoring and follow-up procedures.
As an output from the assessment, Herjavec Group creates a report to highlight the key findings and provides remediation recommendations.
The finalized package includes:
- Executive Summary
- Gap Analysis
- Detailed Roadmap
- Targeted Action Plan
- Customized Presentation