Gap analysis is a formal study of where an Organization is currently standing regarding its Information Security vs. where it should have been or wants to be in the future. The actual performance of an organization is compared against its potential performance by collecting all the necessary information pertaining to information security and determining, documenting and approving the variance between the two.
If a company or organization is not making the best use of its current resources or investment on technology, then it may be producing or performing at a level below its potential.
An Information Security Gap Analysis may be also performed in the course of an ISO 27001 implementation project.
Odyssey will carry out an assessment during which our certified information security and risk management consultants will determine, document and approve the variance between the business requirements and the current capabilities of your organization.
Based on the findings, a Gap Analysis report will be delivered which beyond documenting the assessed variance will also provide you with insight into quick win opportunities for improving current practices.