In the course of the information security situation analysis, we examine our clients’ IT system and related services relying on the ISO 27000 family of standards and the best practice recommended by manufacturers.
The information security situation analysis works as an audit aiming at providing objective information about the current state of the IT infrastructure. In the next step, we use the information thus acquired for establishing the availability of IT systems, the possible risk factors as well as the eventual security or operational shortcomings.
In the context of the assessment, it is considered essential that the testing methods are as objective as possible and provide a realistic picture of the current state of the IT system.
After assessing the IT systems, we submit a report to our clients detailing the problems and shortcomings discovered during the screening. Not only does the report cover the current status, risks, errors and shortcomings of the IT systems, but it also contains detailed suggestions for dealing with these issues.
As part of our proposals broken down to timeframes, we will define the following:
- The priority, criticality and recommended order of implementation of proposed measures
- The duties and measures to be performed
- Estimated timeframes related to the performance of tasks and the chronological plan for the implementation and scheduling of proposed measures
- The estimated cost of proposed measures and solutions
- The estimated resource demand for proposed measures and solutions