Assessments that create business

August 18, 2010 — Leave a comment

We are on day two of an intense business planning session in Kentucky – of key topic that always comes up is, “How do we create business, and do the assessments we’re currently using work for this sort of thing?”

There are three common assessments I see out there:

1.  The vulnerability assessment is most common – a technical paper that identifies as many holes in the security architecture as possible.  The resulting report is generally very technical in nature, product focused (meaning: Network, application, etc.) and appeals to the IT department.  Certainly there is a place for this.

2. The pen test – penetration that is.  A test to see if the assessment team can break in.  This is fun, expensive and obvious…at least to the team.  They can always get in if they’re good.

3. The risk assessment – this should measure the impact of a loss, but equally, the likelihood of such an issue.

The third one is always most effective in building new business.

Advertisements

No Comments

Be the first to start the conversation!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s