Professional Documents
Culture Documents
- Our approach:
- Level 1: Quick Health Check (drivers, strategy, governance & org, reporting)
- Level 2: Holistic Security Program Assessment (covers all components of the CPA
framework)
- Level 3: Comprehensive Domain Assessment (deep-dive into selected components of the
CPA framework asset management, data protection)
- CPA Lifecycle
- Top-down + bottom up integrated risk assessment approach to identify the
organizations keys risks and cybersecurity gaps
- Maturity Levels
- 1 Initial
Basic, ad-hoc, undocumented, limited organizational support
- 2 Managed
Partial capability in place with a combination of some tools and technologies
- 3 Defined
Defined capability is in place with significant technology and tools for some key
resources and people
- 4 Quantitatively Managed
Mature capabilities are already in place with a lot more advance technologies
- 5 Optimized
Advanced technologies