Compliance Gap Analysis
Best practices, standards and legislative mandates are intended to provide organizations with guidance on the types of controls, objectives and procedures that comprise an effective IT security program. These practices illustrate what should be done to enhance or measure an existing computer security program or to aid in the development of a new program and provide a common ground for determining the security of an organization.
Namtek’s Gap Analysis measures existing business practices and policies against IT security best-practice and select compliance mandates including HIPAA/HiTech, GLBA, PCI, DIACAP, FISMA, FFIEC, 21 CFR Part 11, and 201 CMR 17. Identified strengths and any areas of the existing business practices and policies requiring improvement are clearly identified and presented in a format that can be fully leveraged by executive management and operations simultaneously to serve as a foundation for formal security program development and compliance attainment.