Readiness Consulting
GRC Certification ISMS - ISO 27000 series
GRC Certification ITSMS - ITIL / ISO 20000
GRC Certification BCMS - BS 25999
IT Security Training
HISP GRC Certification
GRC Certification Controls Framework Development
GRC Certification Governance, Risk and Compliance (GRC)
IT Security Training
HISP GRC Certification
Independent Assessment
GRC Certification Compliance/Readiness Assessment
GRC Certification Integrated Assessment
GRC Certification Maturity Assessment
GRC Certification Management System Maintenance
GRC Certification Data Security Audit
GRC Certification Shared Assessment Audit
GRC Certification Internal Audit
GRC Certification Mock Audit
IT Security Training
HISP GRC Certification
Case Studies
GRC Certification

IT Security Training
HISP GRC Certification
GRC Certification
Independent Assessment - Compliance/Readiness Assessment
GRC Certification

What is a Compliance/Readiness Assessment?

A Compliance/Readiness Assessment is a confirmation that an organization, meets the requirements of accepted practices, legislation, prescribed rules and regulations, specified standards, or the terms of a contract.

Why do you need a Compliance/Readiness Assessment?

It is increasingly evident that an ever growing number of organizations have come to the conclusion that they need to establish some sort of formal "compliance program" in order to better ensure that they are adequately and responsibly carrying out their various ethical, legal and fiduciary responsibilities and obligations and that they are minimizing and safeguarding the organization, its shareholders, officers, customers and employees against the risks and liabilities inherent to the specific industry.

In today's world it's becoming more difficult to stay on top of compliance requirements and strategy to meet those requirements. The threats, solutions, and regulations are so many, that it's hard to know where you stand. What you are doing today might not be compliant tomorrow. Strategies you are using today may not work tomorrow. What was compliant two years ago probably isn't anymore.

How can eFortresses assist?

eFortresses Compliance/Readiness Assessment process is very unique because we always seek to maintain the right balance between assessing a client against the letter of a regulation or standard versus assessing them against the spirit of the regulation or standard.

eFortresses Compliance/Readiness Assessment approach includes the following steps:

Scope confirmation
Review of Documentation
Interviews of process owners, management and other relevant stake holders
Physical walkthroughs of sites, including data center and relevant processes

The Deliverables from our Compliance/Readiness Assessment includes:

The Executive Summary Letter is a business risk oriented synopsis of the assessment. It provides an overview of the assessment performed, providing key descriptions of the scope set forth, objectives, and approach. Rather than focusing on technical jargon and specific implementation merits, we present to client the weaknesses and potential business impacts of the observations noted during the assessment by highlighting key findings and recommendations. We will work in conjunction with our client to ensure that the executive summary letter is in a format that meets our client's requirements.

The Executive Dashboards are provided as a graphical depiction (charts) of the current Compliance Posture at each client site, including areas of non-conformance relating to processes, policies and procedures, plus applicable regulations.

The Remediation Plan is a detailed technical report of the assessment in the form of a Microsoft Excel spreadsheet containing the client's Controls matrix. This document will also contain the detailed results from the assessment. Unlike the Executive Summary Letter and Executive Dashboard, this section of the report is more detailed and states the control weaknesses found and recommendations required for compliance (remediation plan).

The Certification Roadmap is a Microsoft Project plan that is intended for getting the client compliant with detailed actionable items derived from input from our client's Management and Process owners during the assessment. We prioritize these actionable items by severity and estimated timeline for remedial action.

For more information, please contact us by filling out this form

Name *  
Title *  
Email *  
Telephone *  
Job Title *  
Company *  
Address *  
City *  
State/Province *  
Postal/Zip *  
Country *  

Security image:

Verification (Type what you see (case-sensitive)):
Comments *  
GRC Certification

GRC Certification
GRC Certification
IT Security Training
GRC Certification HISP GRC Certification
Bookmark and Share