Independent Converged Security Risk Audit
Introduction
Some organisations have been working with a converged security model for a number of years, and are already realising the many benefits that it brings. Managing enterprise, operational and physical security alongside information technology security, from a single perspective, enables a more cost effective and coherent view on risk issues facing a business.
For businesses that have an established converged security model an independent audit is a useful way to ensure that the benefits of a converged approach have been fully realised and helps identify other areas that may form part of this converged approach.
An audit will consider your converged security risk activities from a governance, management, intelligence, response and resolution perspective. The outcome will be independent and verifiable evidence of your converged security risk activities and provide an actionable framework enabling you to confirm the benefits of your converged strategy.
The benefits of an independent converged security risk audit
Each audit will be customised to meet individual business and security objectives to ensure that maximum value is realised from the work.
Typically the report will cover :
• Confirmation that target savings are being achieved from the converged approach
• Confirmation that converged responses are more effective at protecting the organisation from risk
• Help in identifying improvements to a converged approach and further asset coverage
• Evidence for external parties that your organisation fully understands and responds appropriately to threats as well as risks irrespective of the target
• Assessment of compliance levels against new ISO risk standards including the ISO 27001/5 and 3000 series.
• Practical support with the verification of compliance and regulatory requirements.
• Outline how we could help you oversee and implement projects that might be recommended in the report.
Alternative and related services
After the audit has been completed the team at Incoming Thought would be delighted to work with you further across other areas of your risk portfolio. Typically this would consist of a range of practical and useful services ranging from consultancy engagement to address particular risk issues through to training and awareness for executives and staff.
All of these services can be customised to meet local objectives.
