MENU

Security Gap Analysis

Security Gap Analysis

Often business managers and technical teams do not have a clear understanding of what is required to protect both the business and its information assets in an increasingly connected operational environment. Gaining a clear and concise understanding of what your critical information assets are, where they are stored and how they are protected is essential in modern business practice.

This service is aimed at providing you with an overview of your organisations security maturity or posture, providing the answers to’ we don’t know, what we don’t know’. This will provide a security baseline and remediation plan from which you can build a security framework enabling you to integrate security into your business planning from a position of greater clarity and more focused direction. We can base the gap analysis on ISO 27001 (typically for commercial customers) and NZISM (typically for those in Government).  We can also work with your specific framework as required.

section icon security consulting More Information:

  • Outcome

    This service is designed to deliver a tailored analysis of an organisations security posture in the context of key information assets and critical business operations.

    Outcome

    This service is designed to deliver a tailored analysis of an organisations security posture in the context of key information assets and critical business operations. This will provide any organisation with:

    • Insight to provide clarity on information security in your business context -  ‘we don’t know what we don’t know’
    • Identify business critical information security assets
    • Detail the state of security controls against an agreed control framework
    • Prioritised mitigation strategies that fit into your current and proposed work programmes, budgetary framework and staffing levels
  • Standard Service Features

    This service will typically involve the following activities:

     Standard Service Features

    This service will typically involve the following activities:

    • Identifying your information assets and ownership
    • Conducting a gap analysis against your chosen standard or framework
    • Provide prioritised recommendations for remediation work to address identified gaps
    • Produce a full Gap Analysis review including detailed findings and summary report that can be consumed and understood at the Executive level
    • Provide assistance with delivery of the findings