ORGANIZATIONAL CAPABILITY ASSESSMENT
Service Description
We will assess your environment for opportunities to improve your security operations and technology. We will seek to answer questions such as:
- Where are the gaps in your defense - personnel, processes and tools?
- How mature is your organization today and what level should you strive for?
- What milestones should you follow to reach that target maturity?
Our Methodology
We will review your existing documentation, in written and oral form, to understand your current defensive capability. We will discuss with you, in person, our recommendations for capability and defensive improvement, and we will document those recommendations in a deliverable.
We will first review your existing infrastructure documentation and standard operating procedures to find opportunities for improvement. We will talk with the existing IT team to understand undocumented processes and infrastructure details that may conflict with today’s best practices.
You can provide us with security and incident response documentation to the extent it is available. For example, you can send us information about your processes and architecture, your people, tools and structure, and any penetration test reports or previous assessments you have conducted. We can review data including, but not limited to, customer requirements, security operating plans, team member resumes, firewall rule sets, network intrusion detection configuration, design and installation, and your Active Directory, Open Directory or LDAP architecture and object configuration.
We will review those documents off site so we understand the basics of your defensive posture. We will use that understanding to construct an agenda of discussions with your personnel. We expect that review will take about ten business days. We will determine the list of people we need to interview and we will coordinate with you to schedule those interviews at your organization on one or two consecutive days. Typically we interview about six people over the course of two days.
We will travel to your site and perform those interviews. We will meet with key personnel for about 30 to 45 minutes. Then, our team will spend the remainder of the time in interactive discussions with the security team, exploring possibilities for projects and tactics. We will seek to understand how your people and tools contribute to your current incident detection and response capabilities, what your technical capabilities are, how those capabilities complement or conflict with others in your organization.
After we’ve spoken with your people, we will compile the data. We will measure your organization on a scale of zero to ninety-nine in several key areas, and we will identify what level we believe you should attain. We will also construct a roadmap of actions and/or milestones you should undertake to improve your maturity, ranking it by difficulty and priority.
We will construct a slide deck and/or written report off site and discuss the report with you before it is considered final.
Our Deliverables
In addition to the usual status updates and meetings, CAG will deliver written drafts of the following material:
• Assessment of your organization’s current maturity and our recommended target maturity level
• Our observations and findings from the documentation review and discussions
• Roadmap of actions to take to improve your maturity and approximate difficulty and priority of each action
• Slide deck with our findings and summary recommendations, and/or
• One to two-page Executive Summary report with a high level overview of key observations and the maturity of the organization
We will deliver this information in written form and we will provide a senior executive briefing as well as a technical brief as desired.
