Business consultancy by Capitar security will help you assess which security measures best fit your risks and how you can best deploy them in your organisation. Our consultancy focuses on security in general and can be purchased separately from our implementation and support services. We can support you in the following matters:
Information classification and risk analysis
Not all your information is equally valuable to you and not all your information is at the same risk. Some information, such as personal data or strategic business information should not fall into the wrong hands, other information is public, such as your website, but should not be mutilated or lost. Once you understand the risks, we look at what vulnerabilities there are, what threats they pose, how likely they are to occur and what measures you can take. Whether you consider these measures worthwhile naturally depends on the costs and feasibility.
Implementation in the organisation
All security measures require an organisational change, sometimes small, often substantial. To successfully implement such measures, it is important to pay sufficient attention to them. The most important questions are where, when (and how often) the users will be confronted with it and what inconvenience it will cause them. This determines the way in which you introduce the measure. For more technical measures this is often easy to oversee, but for identity management and identity governance this requires a solid approach.
Maturity
Obviously you have already taken security measures. With our maturity scans we can help you determine whether the current measures are sufficient. They give a good picture of where you stand in terms of information security.
Architecture
Information security is a complex whole of organisation, processes and technology. By drawing up a thorough security architecture, you will be able to properly assess the dangers and possibilities of the current situation and future changes.
We translate your organisational goals into principles and then map out the information security organisation,
information flows and systems.
Functional specifications
In the event of a major change in the field of information security, it is important to establish the functional specifications well in advance. This is in order to get an accurate picture of the eventual operation and the impact on the organisation and its working methods. This can be written in the form of user stories, use cases and processes.
