Let's get started

You have decided that your organization has to improve in the field of information security. This requires a simple and efficient approach with three specific recognizable phases. The three phases are; an analysis of possible threats, a risk assessment and the implementation phase. Several experts in specific domains will assist to achieve the best possible result. However, you only work with one person (contact) to make communication simple and effective.

Analysis of threats

The analysis of threats is the benchmark for your organization. In this phase, it is important to define what has to be protected and which threats are present.

Budget

As soon as the analysis of threats is completed, we can define which actions can be undertaken to reduce the risks in your organization. In this phase, the existing measures of protection are evaluated. These measures can consist of human, process and technical measures. We also assess which laws and rules apply to your organization and its sub sections.

We define with you which level of protection you would like to achieve and find acceptable. We can then also indicate what kind of budget is needed to protect your organization.

Implementation

Now that we've defined the level of risk, the budget is also known. We can now start by implementing all of the measures. Our experts will start to work on your organization. ConanDoyle will manage the whole implementation process for you.

Validation

At the end of the implementation, your organization is adjusted so that all of the risks are accounted for. To define whether the whole process has been carried out correctly, we will test whether the measures are indeed enough to protect your organization. We will determine this by testing several aspects.

Maintenance

Everything that works has to remain that way. That's why you will have to maintain and test the measures you have taken to protect your organization. In order to do this, ConanDoyle offers a test and maintenance subscription.