Gap Analysis helps you to gain a holistic view of your current information security posture in comparison to internationally accepted security standards and legislations such as ISO 27001, NIST, ASD-ISM, PCI-DSS.
The results will assist you in developing a security roadmap to identify and prioritise the projects based on a business risk-driven approach.
We work closely with your management team to identify and establish the business context and requirements of having information security.
The service includes conducting interview meetings with process owners and your IT department to identify and assess the control environment and current IT projects.
Once we identify and analyse the effectiveness and efficiency of security controls, and their importance to the business, we’ll provide strategic recommendations to mitigate identified control gaps.
Our team are seasoned, experienced and business-minded security consultants with an average of 10 years experience having conducted hundreds of gap analyses to clients across state and local government, health and nonprofit organisations.
They’re all well-versed with legislative and regulatory compliance such as Federal Privacy Act Amendment (2012), ISO 27001, PCI-DS, and regulatory compliance examinations with standards such as PCI-DSS, ISO 27001, ISM ASD and ITIL/ISO 2000.