Customer was required to conduct a Gap Assessment against GDPR…
The CIO sought an objective point of view on the current state of the information security (IS) program, including opportunities to improve compliance and overall alignment with IS leading practices. The results of the assessment would be used to enhance the future IS strategy in line with a broader initiative within the organization to “reset” IT.
- Conducted a comprehensive risk assessment, identified risks across the organization (Operations, Facilities, Human Resources, IT Infrastructure, etc.) and provided recommendations.
- Developed policies, procedures, and supporting forms and templates for information security.
- Conducted Vulnerability Assessment and Penetration Testing (VAPT) for IT Infrastructure and Web Applications, identified vulnerabilities and provided recommendations for mitigation.
- Conducted a security architecture review of IT Infrastructure, identified gaps and provided recommendations.
- Conducted a maturity model assessment for all components of information security and developed a roadmap.
- Supported the client in creating an Information Security roadmap:
  - Analyzed the current state of the client’s information security program using a Maturity Model framework, through key user interviews and document reviews.
  - Performed a gap analysis and prepared recommendations for reaching the desired future state.
  - Facilitated workshops for reviewing the results from the current state analysis, defining the desired future state, and prioritizing development projects and their estimated costs.