Strategic Security Review

A high-level overview of the business' security stance taking into account its position both geographically and within its market sector, taking account of the threats, risks and vulnerabilities with the expressed aim to understand:

 

  • The security culture within your the organisation

  • What security should mean to your company

  • What a comparable organisation of similar size and profile should have in place with respect to the security organisation, reporting line, capability and resourcing

  • The efficacy of the security governance function

  • Whether you are meeting your legal duty of care obligations

  • Clarity over the existing governance of the security function including duty of care considerations, alongside stakeholder aligned focus

  • Create a Corporate Security Operating Model to reflect company requirements

  • Conduct an asset prioritisation/criticality review from a security perspective

  • Map security threats and risks to the company

  • Establish target security state of maturity considering peer group/ industry comparisons

  • Develop a high-level project plan for fieldwork considering scope/focus & prioritisation.

 

Approach:

 

Through stakeholder interviews and group workshops.

 

Example deliverables being:

 

  • Board level executive summary

  • Gap analysis of current versus target state maturity

  • Security Risk Map

  • Baseline for security culture and awareness

  • Translation into executable tactics to achieve strategic aim

Website and content © of Enterprise Security Risk Management Limited. Created by IT@enterprisesecurityrisk.com. ESR logo is a registered TM.

Global Cyber Alliance DMARC Cyber Security
Global Cyber Alliance DMARC Cyber Security