SureCloud's certified security consultants facilitate Compliance Workshops (ISO 27001/2, PCI DSS, GCSx CoCo) to guide the organisation through the requirements of each Standard, highlighting areas of compliance and non-compliance and providing recommendations for solutions (commercial and open source) or compensating controls (if relevant) to achieve a status of Compliant. Key stakeholders from the organisation (Information Technology, Human Resources and Finance, where systems and/or processes cross over to these departments) are asked to come prepared with information (and examples if appropriate) about the systems, policies and processes currently in place. A detailed findings and recommendations report will be produced for the organisation following the Workshop.
SureStrategy™ is an independent, practical, efficient strategic security assessment, designed to deliver a medium-term security roadmap. The process assesses over fifty organisational security elements covering technology, policy, process and procedures. It uses a combination of internal knowledge and judgement from key internal stakeholders, with qualified security professionals, who are able to provide an independent and expert viewpoint. The key to this process is that the organisation remains in control of the process throughout.
The SureStrategy™ process takes into account where the business is currently, where it wants to be in the future, and the required steps to achieve that vision. Business risk and impact are considered throughout each of the stages. Budget and cost considerations are taken into account, and a final project evaluation and prioritisation is carried out, resulting in a definitive security roadmap. Throughout the process, detailed documentation, produced by the facilitators, provides an audit explaining each key decision. The final output is an executive-level presentation, which outlines the process, details the roadmap and associated projects and, most importantly, identifies the residual risk the business is exposed to. The diagram below illustrates the roadmap output and how refresh Workshops can update the process.

Toby Scott-Jackson gives his tips on how to achieve GCSx CoCo and PCI DSS compliance.
Learn about established attack vectors and why they appear to be re-emerging.
How do we resolve the disconnect between an organisation's information security needs and its investments in security controls?