Gap Analysis

In order to implement effective information security measures and improving an organization’s security posture, it must determine where it stands today in terms of information Security initiatives and their efficiency. Standards and best practices are the most effective tools that can be used as a benchmark for achieving effective security. Organizations need to identify the “gaps” between where it stands today and where it should be standing according to the standard. Gap Analysis is a method to assess the difference between the current state of compliance and desired state of compliance. Gap analysis offers a number of benefits for example:

• Providing a quick approach to identify the existing gaps between the standard and the environment;
• Developing a roadmap of what needs to be done to link the gap;
• Providing a sense of direction and developing protection strategy an enabler of the company’s business goals.