Information Security & Operations Scorecard
Data Perceptions Inc
Security, Risk Management, Computer Networking
Data Perceptions uses a combination of methods to collect the information for the Information Security Report. Information is collected from workshops, interviews, configuration documents, network vulnerability scans and observations to develop the Information Security Report.
Data Perceptions has developed a formal approach to helping organizations arrive at the answers to key security concerns and to provide a roadmap on which to proceed in their risk mitigation effort.
Data Perceptions uses our custom Information Security & Operations Scorecard Methodology to aid in providing a risk assessment profile for an organization. The Scorecard was developed based on the 20+ years of experience of each of our team members dealing with security breaches and implementing preventative measures. The scorecard was designed to align with the ISO 27002:2013 framework, the internationally accepted framework for IT controls.
The CMMI (Capability Maturity Model Integration) scale is used to measure the effectiveness and maturity of managing and applying security controls. The CMMI scales ranges from 0, where processes do not exist to a 5 with a well-documented continuous improvement process. Most organizations strive for the 3-4 range depending on the industry segment.
Data Perceptions’ proposes to provide experienced consultants to lead your key information security stakeholders through a security scorecard process to help identify priority information security tasks, projects, and provide recommendations for improvement.
Data Perceptions proposes a collaborative approach through workshops to understand and define the organization’s security strategy. This cost effective approach will ensure that the outcomes meet the organization’s expectations. Workshops will be facilitated by a team of two (2) experienced consultants. This will provide a broader range of experience and knowledge during the workshops so that decisions can be made timely and confidently.
The Scorecard process will lead your organization’s key information security stakeholders in a workshop to understand and rate fourteen (14) security areas in an interactive workshop format. During the workshop, stakeholders will rate each of the security principles based on:
• Current Organization Maturity;
• Identified Target Maturity; and
• Organizational Priority for Improvement.
Based on the outcomes of the first workshop, a second workshop will be held to identify and prioritize mitigation tasks. The mitigation tasks will be based on general tasks identified in the ISO 27002:2013 standard, organization specific tasks, and constraints.
The output of the Scorecard process is a prioritized project and task list, specific to the organization, to address priority security gaps. Data Perceptions will also prepare a Security Ecosystem Map, Security Action Item Roadmap, and an Executive Summary of the workshop outcomes and recommendations for improvement.
Please visit www.dataperceptions.com for more information
, Computer Security
, network security
, Risk Management
, Security Management