Security Assessment
Having performed security assessments since 1997, Halock's assessment
methods, tools and techniques have evolved to deliver in-depth results
that our clients use to manage risk within their organization.
Whether a simple vulnerability assessment or an enterprise vulnerability
management program, Halock Security Labs provides professional security
assessments using a team of highly trained experts from their respective
domain of coverage. Our customized assessment scope includes all domains
of ISO 27002.
An organization's response to risk must be carefully evaluated and
planned. Various types of responses are possible depending on the
situation and may include: avoidance, acceptance, mitigation or
transference.
The most important step in the assessment process is the pre-assessment
phase. The pre-assessment is a non-billable working session with the
organization's key personnel and Halock's certified security
professionals (CISSP©, CISA©, QSA©).
Common objectives of an assessment:
- Identify critical business assets to provide a prioritized
framework for the assessment
- Identify areas of risk or potential risk within the IT environment
and make appropriate recommendations for eliminating or minimizing
those risks
- Understand the aims and objectives of the executive team and assist
in developing an appropriate security program to support those
objectives
- Make recommendations related to industry best practices for
information security as they relate to the areas and systems covered in
the assessment scope
- Provide clear justification for implementing recommendations in
terms of overall business value (i.e. reduced risk, improvement in
efficiency of IT operations, compliance, reduced operating costs, etc.)
- Assist in developing a comprehensive strategy for the ongoing
maintenance and improvement of the security program
- Identify needs for development of Vulnerability Management Program
Offerings include: