A Compliance Assessment includes a complete review of privacy and security policies and procedures and any actions taken in support of those policies, as well as a review of information flows and risk analyses and assessments to determine the thoroughness of preparations for compliance.
If Information Flow Analysis, Risk Analysis and Risk Assessment information is not readily available, analyses can be performed as part of the compliance assessment. Detailed assessments include a thorough physical site examination and interviews with knowledgeable personnel, as well as reviews of documentation and any prior assessments.
Based on the information gathered, each requirement of applicable regulations is examined to determine the adequacy of the policies, procedures, and practices established in meeting the requirements.
The result of a complete Compliance Assessment performed by Lewis Creek Systems is a report including descriptions of reviews undertaken and a listing of issues that should be addressed to improve compliance. In addition, any actions taken to support the assessment, such as Information Flow Analysis or Risk Analysis, are fully documented.
The result is a report that will not only help ensure your compliance today but also provide a good foundation of documentation for future assessments performed as part of your continuing Integrated Information Security Management Process.
The final step in a complete assessment is for Lewis Creek Systems to conduct a risk determination and planning meeting, wherein stake holders meet to discuss the issues described in the compliance assessment report, make informed decisions about risks, and set priorities for management and mitigation of risks to information security. Such a meeting is an effective first step in implementing an Integrated Information Security Management Process for organizations lacking an existing process.
Find out more about the Integrated Information Security Management Process
Find out more about Policy Review and Development Services
Go to the Services Overview