Done-For-You & Outsourced Client Deliverables

• Security Risk Assessment
  • Comprehensive Assessment of Risk
  • Executive Summary
  • Cyber Risk Index Score
  • Scenario Analysis of Threat Impact
  • Gap Analysis with Remediation Recommendations, Narrative Form

• Vulnerability Assessment
  • Identification of Known and Rogue Assets
  • Inventory of All Identified Assets
  • Assessments of Vulnerabilities on All Identified Assets
  • Report of Weaknesses Found; to be included in the Risk Assessment

• Policy Updates/Additions
  • Policies to be Updated and/or Created for Identified Gaps and Weaknesses Not Already Covered by a Policy or Procedure
  • Additional Compensating Controls Where Technology isn’t Feasible

• Gap Analysis/Plan of Action and Milestones (POAM)
  • Work Plan Explaining Each Weakness
  • Grading Importance of Weaknesses Against Regulation
  • Recommendations for Remediation and Mitigation Strategies.
•  Reliance Opinion
  • A vCISO/vCCO to Provide an Objective Evaluation of the Report
  • Aligning Results with Regulation(s)

Other Client Deliverables

(Non-Outsourced Clients, Non-Done-For-You Clients & Non-Clients)

Because we don’t have as robust visibility into these client’s systems, there are certain items that we cannot perform or more labor-intensive processes need to be implemented, therefore, pricing and bundling is reflected for these bundles.

• Security Risk Assessment
  • Comprehensive Assessment of Risk
  • Executive Summary
  • Cyber Risk Index Score
  • Scenario Analysis of Threat Impact
  • Gap Analysis with Remediation Recommendations, Narrative Form

• Plan of Action and Milestones (POAM)
  • Work plan Explaining Each Weakness
  • Grading Importance of Weaknesses Against Regulation
  • Recommendations for Remediation and Mitigation Strategies