Effectiveness and economic efficiency assessment
Functioning information security management requires numerous technical, organisational and personnel security measures to be attuned to each other. Apart from well-established standard solutions such as firewalls and anti-virus protection there are more and more providers of innovative security products competing for new customers. An enormous toolkit is available to IT decision makers to tackle the risks in the IT environment. In contrast, personnel and financial ressources are considered limiting factors. Owing to our long-standing experience as well as our extensive knowledge of the market and available solutions, SCHUTZWERK can support you with the required assessment of the effectivenes and economic efficiency of security measures.
IT departments are not only confronted with continuously growing security requirements but also with an equally high number of solutions to tackle these requirements. Looking at encrypted inter-user communication solutions, for example, the market is flooded with numerous software products. To establish an appropriate solution in this area, fundamental questions must be considered: Which level of communication protection is required? What are the user requirements? Which security products should be considered, does the technical standard live up to product marketing promises and is the cost/benefit ratio appropriate? Also: which organisational principles and measures are required in addititon to the technical solution?
Thorough investigations and analyses can help avoid bad investments and achieve the maximum effectiveness of applied measures. During an effectiveness and economic efficiency assessment analysis SCHUTZWERK supports you with the evaluation of the questions described above, particularly through the following actions:
- Definition of the desired effects of measures
- Comparison of the effects of measures with company-specific threats and security objectives
- Comparison of the effects of measures with the risks that need to be faced (on basis of company-specific threats and security objectives)
- Analysis of the potential attainability of the effects of measures (product functions, effects of organisational measures, etc.)
- Analysis of technical and organisational principles required for each measure
- Analysis of the potential effort required for the implementation and application of measures in comparison to the potential effects
- Investigation of alternative measures depending on the result of the actions listed above
Based on the results obtained, we also offer an evaluation of corresponding products and services in the software and hardware environment.