Understanding the state of your security controls in relation to international recommendations and industry peers is an important part of meeting compliance requirements and positioning security investments. The CompuCom® Information Security Management System (ISMS) Benchmark is a professional service that measures, reports and illustrates your maturity level in comparison with ISO/IEC 27001 and 27002 standards, as well as industry peer organizations.
The ISO/IEC 27000 standards cross-map to nearly every compliance standard: PCI, GLBA, HIPAA, FERC, NERC, FISMA, SOX, Basel II and others. To find areas that need improving, we measure your information security management system processes, control objectives and controls against these standards.
The ISMS Benchmark analyzes your security management process and includes the following:
- Context of the organization
- Performance evaluation
Through years of tuning and advising clients on security strategies and best practices, we know that each organization has a unique balance of preventive activities, compliance efforts and acceptable losses for optimal business value and protection.