Process & Organization Component
To determine your organization's level of compliance with applicable security or data protection regulations
To identify gaps or non-compliances that could expose your organization to an unacceptable level of risk
To assess the relevance of organizational structures in charge of IS security
To evaluate IS security management systems
To analyze IS security operations and procedures
To assess existing defenses against physical intrusion attempts
To determine target security levels and action plan
To determine readiness for an ISO 27001, ISO 22301, ISO 27701 certifications audit
To obtain reasonable assurance of compliance with applicable standards, regulations and contractual framework (RGPD, local cybersecurity legislation, NIST, etc.).
To determine the level of cybersecurity maturity
To determine target security levels and action plan