BEK, Inc.’s information security assessment will identify what you are currently doing to protect your information, assess its effectiveness against industry standards, inform you of your current risk, and give you customized priorities for moving your company toward an improved security posture. The assessment is based on the information security principles defined in the internationally recognized standard ISO/IEC 27002 (formerly ISO/IEC 17799:2005).
A True Information Security Risk Assessment looks at your business holistically.
BEK’s certified professionals will interview key personnel across your organization examining the following areas:
- PROCEDURAL SECURITY
- Information Security Policies and Documentation
- Information Security Management
- Personnel Security & User Training and Awareness
- Information Security Incident Management
- Business Continuity Management
- PHYSICAL SECURITY
- Secure Areas
- Asset Management
- TECHNICAL SECURITY
- Protection Against Mobile and Malicious Code
- Electronic Commerce Services
- User Access Management
- Access Control
- Correct Processing in Applications
- Cryptographic Controls
- Configuration and Change Control
Upon completion, you will receive a comprehensive report detailing the findings and recommendations for each area investigated as well as a high level picture of your company's overall status.
We will develop a customized remediation road map based on the gaps identified. Our report will equip you with the knowledge necessary to reduce your company's risk.