About

A control assessment evaluates the effectiveness of an organisation’s implemented and planned security controls to mitigate their security risks or to comply with a chosen security control framework or standard.

How we can help

Pākiki can provide an assessment that will consist of:

• Evaluating that the required controls are identified, planned or implemented.
• Assessing the current effectiveness of implemented controls.
• Identifing missing controls and control deficiencies.
• Developing a roadmap for security controls improvement.

Methodology

The particular methodology will vary depending on the client’s needs, however broadly speaking the methodology is:

1. Information Gathering: Understanding your current risk mitigation strategies and respective implemented or planned security controls.
2. Review Gaps: Understand where there are current gaps in your security control effectiveness.
3. Provide advice: Take the output of the above checks, and use our understanding of your business to provide practical, tailored advice on how to improve your security control effectiveness.

Assessments will be against the client’s chosen risk management framework or against a framework we recommend (e.g. ACSC Essential 8, CIS, NIST, ISO 27001).

Get in touch

We’d love to hear more about your organisation, and to discuss how we can help.