A gap analysis is a method of assessing the differences between existing controls, such as policies, processes, procedures or system configurations, and desired controls, such as global standards, laws and regulations, frameworks or best practices. The output of the assessment is a set of recommendations to close the gaps through prioritized initiatives that help minimize the risk of operational disruption and financial or reputational loss.
Risk assessment consists of risk identification, risk analysis and risk evaluation. It considers the consequences of each risk and the probability that those consequences will occur. A risk assessment is useful for organizations that want to continually identify, assess and reduce IT-related risks within the tolerance levels set by enterprise management.
A cyber security assessment compares current cyber security controls with desired controls, such as those defined by the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF), ISO/IEC 27001, COBIT 5 for Information Security, Cyber Essentials, the Center for Internet Security (CIS) or the Hong Kong Monetary Authority (HKMA). The output of the assessment is a list of areas for improvement together with gap remediation recommendations.