Customer Definition of an Assessment

by Sean Martin.

	Tweet
Share	\|

Homepage | Submit your article | Contact | TOS

More articles on management

You are here: Categories » Business » Management

A critical first step for an assessment project is to come to a common understanding on what composes an assessment. Often you have to spend a great deal of time with potential customers just defining what they are looking to accomplish with the “assessment” process.The term assessment has been used loosely for years to describe everything from an audit to “attack and penetration” testing. NSA has broken up what has been traditionally called assessments into a threephase, top-down approach.

1. Assessment The assessment is an organizational-level process that focuses on the nontechnical security functions within an organization. In the assessment, we examine the security policies, procedures, architectures, and organizational structure that are in place to support the organization. Although there is no hands-on testing (such as scans) in an assessment, it is a very hands-on process, with the customer working to gain an understanding of critical information, critical systems, and how the organization wants to focus the future of security.

2. Evaluation The evaluation is a hands-on technical process that looks specifically at the organization from a system/network level to identify security vulnerabilities that exist in those systems and can be mitigated through technical, managerial, or operational means. Evaluations are often confused with assessments.The IAM specifically focuses on the assessment, but elements of evaluations can be included in the IAM process. NSA calls this a Level 1+ assessment.This includes doing technical analysis of the firewalls, intrusion detection systems, guards, and routers. It may also include some basic vulnerability scans of the customer’s networks. In addition, the IAM process provides excellent information that leads into future evaluations.

3. Red teaming Red teaming, often called attack and penetration testing, is a process whereby someone imitates an adversary looking for security vulnerabilities to make it easy to break into a system or network.This is often called the low-hanging fruit because these vulnerabilities are the easiest means into the customer network.

Leave a comment or ask a question

Total comments: 0

Disclaimer

The e-articles directory is not responsible for any and all copyright infringements by writers and authors. If you suspect the information contained by this page for any copyright infringements, please contact us to investigate the issue

7 Trade Show Secrets on How to Create a Stand Out Booth - Trade shows can be a wonderful source for developing a supply of new leads for your sales cycle. If you are new to the trade show circuit however; beware of jumping right in without doing some ho (more...)

Brief Description of contract manufacturing - An organization capable of manufacturing or purchasing all the components that needed to produce a finished device or product. It involves the process of making of subcomponents or products for o (more...)

Corporate Events Management In The Benelux Countries - When it comes to corporate events, those holding their meetings in Belgium, the Netherlands or Luxemburg are spoilt for ideas. With centuries of history and culture, outstanding sports and leisur (more...)

Buying and Selling Used Office Furniture Saves Your Business Money - Buying the new furniture is not always a good decision every times. It's sometime better to use used furniture which is in good condition & save assets. Looking to cut your expenses a (more...)

Art Management Career Outlook - As knowledge of the arts and other cultural activities grow in abundance in subsequent years, the entertainment industry evolves along with the rise of many forms of art and other kinds of amusemen (more...)

Art Management Job Description - Becoming an Art Manager They go under different names. You may call them artists' representatives, agents, managers or consultants. Under all these titles the art management job description (more...)

Business Security Equals CCTV Security - Business security takes a whole new meaning if you run a store or any other venture that involves dealing face to face with customers. You will need more than honest employees and solid doors and l (more...)

Minimizing Bias in Organizational Surveys: Guidance for the Practical Researcher - Survey research has become an important part of organizational management. Bias constantly seeks to corrupt even the most thoughtful and thoroughly planned for survey endeavor. This (more...)

Monitoring Social Media is Important for Business - Hire a virtual assistant to monitor social media because it is very important to know what people are saying about your business and your products. For businesses, the sayi (more...)

Basic Instructions to Select Moving Companies Tampa - Moving Company Tampa - Always Choose The Genuine Ones If you are looking for a genuine moving company Tampa that will be enough responsible to help you migrate to your new (more...)

free content

Copyright © 2006 - 2012 e-articles.info.
The texts, articles and tutorials in the directory are property of their respective owners and authors.