Pathfinder Audit
Often, an organization knows that they need to improve the security and privacy of their data, but they’re not sure where to start. When this happens, you need an objective, rapid and cost-effective review of your security posture. It should highlight where you are, where you should be, and the best path to get from “here to there”. You need a Pathfinder Audit.
With the Pathfinder Audit, DigitalDefence will perform an assessment of your organization’s current security and privacy practices in the eleven domains of the international security standard ISO 27001:2005:
- Security policy and process
- Security organization and personnel
- Asset management and classification
- Human resources security
- Physical and environmental security
- Network security and operations management
- Security access controls
- Information systems acquisitions, development, and maintenance
- Information security incident management
- Business continuity management
- Compliance
Unlike other assessments (vulnerability assessments, penetration tests), a Pathfinder audit is meant to support rapid identification of the current security state of a network, so that remediation can be started as quickly as possible.
Upon completion of a Pathfinder audit, DigitalDefence will have performed the following tasks:
- Confirmed your existing documentation of the data network
- Documented your critical business assets, processes, networks, and systems, including a rapid risk assessment
- Completed an administrative security assessment of your security policies, standards, and procedures
- Completed a physical security assessment of the overall environment, physical access controls, and data facilities within your organization
- Completed a technical security assessment, including a review of the network architecture, security devices (firewalls, IDS/IPS), and advanced technologies such as VoIP and wireless
- Completed a vulnerability scan of the network, servers, and workstations from a “full knowledge” perspective, to maximize the scan’s effectiveness and allow the testers to reduce false-positive results
- Identified the presence of any “data leakage” – your organization’s sensitive information that may have accidentally or purposely been made available on the Public Internet
- Developed a gap analysis to document the current state of your network versus the ideal security state. This will provide a concrete work plan to overcome the gaps, including step-by-step processes for remediation and cost and sourcing estimates where required
Deliverables from a Pathfinder audit
- An objective assessment of your current security and privacy state, demonstrating due diligence and fiduciary responsibility
- A high-level view of your actual security and privacy exposure
- A full identification and evaluation of your organization’s critical systems and networks
- An assessment of the effectiveness of your administrative, technical and physical security controls
- A verified vulnerability scan of your network, highlighting areas that must be remediated and the means required to do so
- Recommendations to reduce the vulnerabilities of the systems and to protect critical and sensitive data, systems, and networks
- Increased awareness of the importance of information security at both the management and user levels
- A baseline security posture from which improvement initiatives can be measured over time