FISASCORE™ Information Security Assessment

 

WHAT IS A FISASCORE?

FISASCORE is a comprehensive, risk-based measurement of information security assigned to your company based on a proven and thorough assessment process. Once completed, FISASCORE will identify critical vulnerabilities, control gaps/deficiencies, and applicable threats to the security of your organization.  FISA is a proprietary assessment tool that encompasses the ISO. IEC. COBIT5. CCS CSC. NERC and the NIST Cybersecurity Frameworks. These combined standards create a new baseline to measure Information Security best practice. In addition, FISASCORE takes the subjective nature common among many industry assessments and makes them objective.

WHY IS A FISASCORE IMPORTANT?

FISASCORE allows businesses and organizations to know and understand how they are vulnerable and how they compare with peers within similar industries. FISASCORE can also be used to communicate the level of information security risk to interested third-parties (customers, stakeholders, auditors, regulators, et al.).

FISASCORE is constantly calibrated to the latest security threats used by attackers with controls designed to mediate those threats and protect data from unauthorized access, disclosure, distribution and destruction. The FISASCORE framework consists of a thorough evaluation of risks within four phases: Administrative Controls, Physical Controls, Internal Technical Controls, and External Technical Controls.

fisacontrols.png

WHO NEEDS A FISASCORE?

Every organization, big or small, should be aware of their most significant information security risks. FISASCORE will identify and address your organization’s risks through a standardized, consistent and efficient process that enables all members of your organization to quickly and confidently understand and quantify risks.