This week blog is a teaser to our beta-release of Assessment Accelerator (AA). We have been working hard on this productivity toolkit for all of the assessors out there to enhance and maximize your assessment process.
From ISO to PCI DSS to FISMA, assessments require the assessors to systematically step through a series of controls, to review the implementation documented by the control owner and the corresponding evidence and workpapers for the control, and to make an independent determination if the control is effectively implemented. If the control is not effective or not satisfied, the identified risk and risk statements along with appropriate risk levels and recommendation must be documented. Where findings are identified, they can be classified into categories such as People, Process, Technology, etc. for additional analyses.
The data capture and reporting on each control implementation and effectiveness is one of the most time-consuming and error-prone operations of the assessment process. Caplock Security's Assessment Accelerator streamlines the assessment process by providing one-click data documentation and built-in error checking.
Depending on the standard, the assessment repeats itself over and over until all of the applicable controls have been completed. The aggregated results nonconforming controls are then determined and reported. Assessment Accelerator summarizes all controls assessed based on your assessment plan. AA also provide comprehensive reports and dashboards mapped to other standards include SANS Critical Security Controls and NIST Cybersecurity Framework.
Stay tuned. More to come.