Information Security Assessment

The IBM Information Security Assessment provides a comprehensive evaluation of an organization's existing security policies, procedures, controls and mechanisms in relation to best practices and industry standards, such as ISO 27002. The IBM Information Security Assessment is performed by security experts that identify risks and outline specific, actionable steps to improve the overall security posture.

Evaluates current information security posture

Identifies vulnerabilities and determines gaps in the information security environment

Helps protect the confidentiality, integrity and availability of critical data

Provides recommendations for mitigating identified risks based on the globally recognized ISO 27002 standard and industry best practices

Leverages a proven methodology that includes interactive information gathering sessions, process and mechanisms assessments, vulnerability scans, and manual testing and review

Supports efforts to comply with government and industry regulations

Assessing the current security state
Understanding your organization’s security state and identifying vulnerabilities are the first steps toward protecting the confidentiality, integrity and availability of critical data. These steps are also integral to regulatory compliance efforts. Remaining unaware of security risks can leave your organization vulnerable to attacks targeting the network, or a breach resulting in the loss, misuse or exposure of sensitive data. This chain of events can lead to significant financial costs to address the attack or breach and even a loss of customer trust and damaged reputation.

To establish an effective security strategy, you must start with an accurate evaluation of the current information security posture. The IBM Information Security Assessment provides a comprehensive evaluation of the existing security landscape in relation to industry best practices and regulatory requirements. Consultants not only gather information regarding current controls in place, but also evaluate their effectiveness to identify risks and provide detailed, actionable recommendations for mitigating risks and improving protection. In addition, IBM Internet Security Systems^TM (ISS) expert security consultants frame the Information Security Assessment recommendations in terms of your business objectives.