BH Consulting have a well worked formula for conducting Security Maturity Assessments which is suitable for SME’s right through to large and multi-national organisations.
The purpose of the assessment is to review the current management of information security from a Governance, Risk and Compliance standpoint. While BH Consulting can perform in-depth technical testing, that is not a function of this exercise, it is instead a company-wide review of all facets of information security involving people, process and technology.
A security maturity assessment requires a good understanding of your business and the important drivers for you and your organisation. Our process benchmarks the status of your information security against information security standards and best practices such as the ISO 27001:2013 standard, NIST Cybersecurity Framework (National Institute of Standards and Technology) and CIS Controls (Center for Internet Security).
Our specialist team will provide you with a report and will discuss each of the key areas to ensure the impact of our findings are fully understood. We will also prioritise risk mitigation measures and actions tailored to your organisation’s size, resources and risk appetite.
During this engagement we will have an in-depth workshop with you to better understand your organisation and assess the current status of your information security to identify the following:
Our security maturity assessment will help you make more informed choices about choosing the right security controls by determining the following:
This service can be carried out remotely.