Strategy & Advice
“We just got the green light to make big improvements. But I need a long-range plan that includes some big and visible wins early on, or we will miss the opportunity.”
Implementing New Technology Solutions
With our broad footprint in government and industry, JANUS staff are constantly at the forefront of emerging technologies, the disruptive impacts these technologies have on traditional business models, and the security implications faced by the early adopters. We can assist you with your complex new technology needs. Our staff regularly works with a wide variety of solutions, and vendors provide us with education in their newest security technologies and products.
When you need experienced security personnel to implement complex new solutions our experts work both with you and your vendor to advise on and organize your selection, ensure that what you and the vendor agreed upon is provided, and coordinate and integrate the implementation so that you make progress in accordance with your goals to meet your milestones.
Program Planning, Development
Security has become increasingly complex in recent years. With laws requiring breach notification and reporting to government on the existence and currency of written security programs many organizations are seeking to put in place a more comprehensive security program or to assess a current one to determine its adequacy.
JANUS experts have focused on security for almost three decades and have extensive experience with all the leading regulations and types of security programs required as well as what meets today’s best practices. JANUS will help you put in place components such as:
- A security strategy
- Policies and procedures
- A risk management framework
- Reporting mechanisms
- Metrics to determine progress
All of these can assist your organization by increasing your security maturity and by better protecting your critical assets as well as helping prevent data losses and breaches.
Policies and Procedures
Having current, documented security policies and procedures that all your staff and vendors understand and to which they are expected to adhere is a major building block in protecting your data and systems. As the business changes, older policies and procedures may no longer fit your business model or they may focus on activities that are no longer the way the business works. As in all other business functions, regular review and updating are needed to maintain their viability and applicability to your business.
If you have no (or only partially) documented policies and procedures, then your staff is working to whatever standards and processes they think appropriate, or to perhaps none. This often means that staff is working very differently and you can have no uniform manner of protecting your organization.
As a specialist in this area, JANUS can assist you in creating or updating policies and procedures to work within all the current standards and regulations to which you might be subject. We can develop a level of security intentions and supporting processes that meet your specific needs in the actual operating environment in which you work. These will also assist your staff in understanding what is expected of them as part of their performance measurements.
Plan of Action and Milestones (POA&M)
How you plan to undertake corrective actions and remediation tasks after an assessment or audit should be recorded so that everyone with responsibility for implementation can understand exactly what is expected, by whom, and when. In this way, a regular reporting mechanism is available for management that lays out what will take place, what the deadlines are for each task, and who is responsible for ensuring that the activity is completed.
JANUS will work with you to prepare a mechanism upon which you can base your reporting requirements with assigned responsibility and deadlines. This gives you the tools that you need to manage remediation activities.
Developing Roadmaps to the Future
As we discover and document risks, we can also be cataloging them as to the types of tasks that will be required to solve each. Once we categorize each, we can structure how you can effectively accomplish the appropriate tasks to remediate through the development of a Roadmap, in accordance with your Plan of Action and Milestones. Roadmaps guide you through the many implementation steps needed to effect large, complex IT changes in a coordinated manner.
The Roadmap becomes your implementation guidance tool that allows all your operational components to work from one set of plans and structure. Tasks based on the accepted Roadmap can then be delegated for implementation while constantly maintaining your vision of what you wish to accomplish.