What is a Security Master Plan?
The Security Master Plan (SMP) is the strategic document that captures the current state of information security in an organisation, identifies priority areas for improvement and defines the roadmap to achieve the appropriate level of security aligned with business objectives and risks.
Security Master Plan components
Information security risk analysis
We identify and evaluate risks affecting the organisation's information assets, prioritising the most relevant threats to the business. This makes it possible to define security strategies that are proportionate to those risks, neither oversized nor insufficient.
Cybersecurity analysis
We assess the state of the organisation's defences against current cyber threats, analysing the technology, processes and people involved in protecting information systems.
Penetration testing (Ethical Hacking)
With prior written client authorisation, we perform penetration tests to verify the strength and suitability of internal and external defences.
SMP deliverables
- Executive report on the organisation's security state
- Risk map with identified risks and their impact level
- Gap analysis against applicable regulatory frameworks
- Prioritised action plan with improvement initiatives
- Implementation roadmap with effort estimation
- Technical, organisational and compliance recommendations