Strategic Services

Strategic Services

Strategic services consist of cross-cutting management and governance functions to paint a picture of the desired future and long-term goals of the cyber security organization’s mission.

Program & Controls Assessment

A baseline study that identifies the current state of cyber security for the organization. This study is designed to assess cyber security functions against a framework of applicable industry and compliance drivers. Additionally, it is designed to identify the strengths and weakness of how the organization currently addresses cyber security across the enterprise – to include both management and functional perspectives.

CISO’s Blue Print

The blue print leverages the results of the program and controls assessment study to formally establish the cyber security program vision, goals, and objectives. Additionally, the blue print captures the organization’s overall, enterprise-wide cyber security value chain and process, along with a high-level road map for implementing the program and achieving the stated program goals and objectives.

Policy Suite & Policy Requirements Development

The policy identifies the specific organizational roles and responsibilities that support all cyber security activities, as well as captures the accepted information risk posture for the organization.  It is important that the policy be developed in coordination with business unit segments and other key stakeholders to ensure that the information security program and overall approach is responsive to business requirements.

Project & Program Management

We have developed several successful project and program management strategies that have been critical to the success of our client engagements. These strategies include employing proper mechanisms and tools, establishing and managing to project timelines, and ensuring the timeliness and quality of deliverable.  Our objective is to employ proven techniques so that project management activities can support, but not impede, valuable project activity time.