Assessing the Adequacy of Security Governance
The Three-Layer Control Framework can be used to identify major gaps and inconsistencies in security governance. The scope of the assessment can be information security as a whole or can be limited to a single business line, geographical location or security domain such as cybersecurity, data protection, identity and access rights, etc.
We can help you assess your governance and management practices. Our services include:
- Assessment of the current and desired level of maturity in each of the nine areas of security governance.
- Identification of the main gaps.
- Proposals to improve governance.
- Development of a roadmap of projects to reach the desired level of maturity.