Prior to arriving onsite, SecureState will engage in several activities to prepare for the engagement, including scheduling an engagement kick-off call, providing interview scheduling guidance, and gathering initial client documentation.
While onsite, SecureState will interview personnel responsible for each of the 16 security domains within your organization. This will cross multiple boundaries, including such areas as IT, IT Security, Human Resources, Finance, and Operations. Once the onsite portion of the assessment is completed, SecureState will analyze the gathered information and begin to evaluate each control within the 16 security domains. Where applicable, SecureState may contact the client to request further documentation or schedule follow-up phone interviews to clarify findings.
Finally, SecureState will deliver the INFOSEC report which provides maturity ratings for each of the 16 security domains, an overall maturity rating, and a breakdown of controls which should be implemented to reach each domain’s next maturity level. SecureState will also benchmark your organization to help you identify where your security program compares to your peers.