One of the more important findings & recommendations in the Advanced Cyber Security Center's 2019 Report on ‘Leveraging Board Governance for Cybersecurity,’ "is the reality that, for the most part, boards are not in a position to provide strategic guidance on cyber risk." “In particular, the ACSC report has identified a need for a risk standard, much like those frameworks that financial and audit risk functions have refined over decades, that would help guide decision making and operations as they relate to cyber risk management.”
The Cybersecurity Program Readiness (CPR) Assessment was designed to help organizations of all sizes identify, quantify and evaluate the key program elements needed to enhance or build an effective cybersecurity program as well as providing a mechanism for standard communications with senior managment.
SRG Advisory Group's Cybersecurity Program Readiness (CPR) Assessment is designed to achieve the following:
- Provide a foundational approach for your organization to further develop and enhance its cybersecurity program strategy based upon industry accepted standards such as COBIT, ISO 27001 and the NIST/CSF
- Align current and future cybersecurity initiatives and priorities against those of the organization
- Provide immediate focus on the business-critical aspects of your cybersecurity program
- Develop a cybersecurity strategy focused on continual improvement which will guide the organization towards aachieving its cybersecurity program goals