- To define a security plan. Carrying out an evaluation of the current capacity level and defining an objective level based on the criticality of the evaluated environment.
- As a reporting tool, to inform and compare the level of cybersecurity in different environments, business units or even group companies.
- As part of a scorecard, to inform Senior Management of the existing cybersecurity level.
- As a decision tool to identify weak points in our system in which it is necessary to invest our cybersecurity budget.
Results come in executive language
Communicating the results is key in this type of exercise. Therefore, this service provides the results in clear and concise language that can be interpreted by non-experts (the scales used by rating agencies are very close to the language of Senior Management), but also by technical experts. For these, the detailed result is provided for each of the 350 capacities evaluated grouped in 73 sections and 14 domains.