SecureState begins our due diligence work by performing a full risk assessment of the seller. This risk assessment will identify the various individual risk that pose the biggest challenges to the seller organization, examining the controls in place to mitigate or remediate these issues. This should provide the buyer with a clear understanding of the security and compliance efforts already in place at the seller company.
Additionally, SecureState will work with the buyer to understand the reason for purchasing the other organization. If the buyer is purchasing the company for one particular asset or purpose, that asset should be the focal point of any assessments. Any gap assessments or audits should be built around the reason for the purchase, with efforts outside that scope completed only in as much as they affect the primary goal asset.
SecureState will target our assessments as the buyer needs. We will use the FAIR methodology to apply probabilities and potential dollar losses on any specific risks or events we identify. By doing this, SecureState will provide the buyer with the valuable intelligence needed to inform any purchasing decision.