Current State Security assessment is performed to identify the Client’s Information Security Current State compared against good practices and industry standards and to define the maturity ratings and risk ratings for each of domain areas identified as part of scoping
During the course of this engagement, Green Method will interview/meet with Client’s stakeholders and will perform an analysis of key Information Security documentation (including existing policies, procedures, standards and guidelines) from which we will obtain an understanding of Client’s current information security practices and planned related initiatives.
Our assessment methodology is to assess Client’s Information Security Current State against good practices and industry standards.
Green Method will utilize our inhouse developed Security Framework which aligns to industry standards, including ISO/IEC 27001. We can also measure against the UAE information security standards like UAE-IAS (Nesa/Sia) and DG-ISR.
The assessments will be done on, but not limited to the following domains;
For the risk and maturity ratings, we will utilize industry standard risk-based methodology to determine residual risk exposure based on inherent risk and specific control effectiveness: