Information Security Program Assessment

How complete is your security program compared to a standard framework?

Information Security Program Assessment shows you how effective and mature your information security program is, across the board. Whether your concern is regulatory as in HIPAA or GLBA, contractual as in PCI DSS, or a matter of good practice as in ISO 27002 or NIST SP 800-53, this assessment captures your security goals and shows you the way forward. This service can address strategic guidance, gap analysis, and pre-audit requirements.

Integrating results of other parts of our Cybersecurity system of services, we show you the strengths and weaknesses of your program based upon rigorous analysis of your network, hosts, applications, documentation, and information collected from your staff.

Our Information Security Program Assessment using the ISO 27002 security controls framework includes:

  1. Security Policy;
  2. Organization of Information Security;
  3. Asset Management;
  4. Human Resources Security;
  5. Physical and Environmental Security;
  6. Communications and Operations Management;
  7. Access Control;
  8. Information Systems Acquisition, Development and Maintenance;
  9. Information Security Incident Management;
  10. Business Continuity Management; and
  11. Compliance.

Interhack has been providing expert Cybersecurity guidance since its organization as an unincorporated research group in 1997, and delivering results to clients since the Corporation's formation in 2000. The firm's experts have helped organizations defend against attack, served as expert witnesses to help courts understand critical issues with security failures in litigation, and ensured that sophisticated technologies such as cryptographic controls deliver the needed results.

Talk confidentially with us to find out how we can provide you expert security guidance that gives you the information needed to defend your organization confidently.