NET COMPLIANCE SOLUTIONS

Strategic Security Assessment


NCS Strategic Security Assessment service provides our clients with the means to establish a robust management-driven security function that has as its first priority the protection of customer information and corporate assets.  Not only does this process protect the corporation and its clients, it shows executive due diligence and leads the way towards compliance with regulatory standards.

 

The NCS Strategic Security Assessment Plan:

- Determines How Secure You Are Now
- Determines How Secure You Need To Be
- Provides the essential building blocks of a Management Driven Strategic Security Plan

 

How Does SSA Accomplish This?

- Conduct an in-depth examination of the current state of the security function
- NCS examines in detail the 7 major security functions and 44 corresponding sub-categories measured by the major compliance standards
- Over 500 individual security statistics are examined and measured
- NCS compares the results with industry peers
- Measure performance against applicable regulatory compliance standards
- Provide detailed "Gap Analysis"
- Implementation Plan
- Strategic Investment Plan
- Measure results
- Before & After Analysis
- Budget
- Executive Due Diligence

 

Regulatory Standards: SSA measures the current state of a client's security function against one or more of the recognized industry standards for regulatory compliance, including the more generalized security standards like ISO 17799 and COBIT as well as more focused standards like FISMA, HIPAA, Sarbanes-Oxley (SOX), GLBA, and the PCI Standards, among others.

 


Key Question From Strategic Security Assessment
 
What is Your Security Gap?


7 Security Functions and 44 Sub-categories
[Figure: Over 500 Individual Security Elements Examined]

Net Compliance Solutions, through extensive interviews and analysis, examines more than 500 individual security elements included in the seven major security functions and forty-four corresponding sub-categories shown above. The analysis examines each element in depth, comparing the client's current state with that required by the applicable regulatory standard.

Partial View of Supported Regulatory Standards
[Figure: Current Security Profile Measured Against Standards]

The Strategic Security Assessment service measures the current state of our clients' security function against the requirements of one or many compliance standards. These standards include the broader standards like ISO 17799 and COBIT, and industry-specific standards like GLBA, HIPAA, PCI, FISMA, SOX and others.

This is the basis for our comprehensive standards-based "GAP ANALYSIS".

The Strategic Security Assessment compares our clients' current security function and target security goal with their industry peers. This data is taken from a database of approximately 1000 studies.

The chart shows current security rating, target goal, and average rating for the industry group.

Industry Peers
[Figure: Shows Current Security Profile vs Peers and Goal]

GAP ANALYSIS OVERVIEW
[Figure: Shows Gap Overview By Major Security Function]

This chart provides a graphical representation of the present status of the client's security function and the "distance" to the target goal within the 7 major security functions.
 
It is the basis of more detailed reports that address compliance gaps.

This is an example of how the Strategic Security Assessment can be used to examine a single regulatory compliance standard.
 
In this case the report illustrates performance against the PCI Standards.  The report provides a graphical representation of compliance for each of the 12 sections specified in the PCI Standards.

PCI Security Standards
[Figure: Compliance Measurement Against PCI Standards]

Regulatory Standard Measurement
[Figure: Choose a Standard - Measure Current Compliance]

This report shows compliance as measured against the ISO 17799 standard. ISO 17799 is a comprehensive security standard that is based upon security "Best Practices" and does not favor any particular standard or industry. It is widely regarded as one of the more robust standards that can be applied and has been widely adopted in government and industry alike.

Regulatory Standard Measurement
[Figure: Choose a Standard - Measure Current Compliance]

The Strategic Security Assessment provides comprehensive detail regarding specific compliance gaps according to the measured standards.

In this illustration the Disaster Recovery and Business Continuity Plan have been examined, and specific details regarding the client's current status have been reported along with the actions necessary to bring the client up to the compliance goal set by management.

Due to the depth of the analysis of the complete security function, this report can reach several hundred pages.

 
 

SECURITY AUDITS OF ONLINE NETWORKS ARE REQUIRED IN THESE AREAS
 
 
In Metro Providence RI
P.O. Box 4912     Rumford, RI  02916
 508-639-9133
 
 
A Part Of
Providence Enterprise Group, LLC