Security testing
Closing the loop
Closing the loop is about working with our clients for the full cycle of security testing. Traditionally, security testing providers walk away from the client once the security testing report is finalised. This typically leaves the client with complex security issues that need to be addressed by IT, as well as articulated in business terms to the organisation’s risk management function.
Remediation services
Deloitte provides clients with professional services and security experts who are experienced in closing the loop on a security cycle by providing and implementing security programs and solutions to address security issues, including:
- Strategy and design development
- Project management and subject matter experts
- Secure solution design and architecture
- Technology evaluation and testing
- Solution development and build
- Solution integration (people, process, technology).
Business reporting
Deloitte can assist with closing the gap between IT security testing and the reporting of results back to business in a manner which articulates the risk to the business. We can assist with aligning the technical assessment results to business risk in a way that non-IT people can understand and use to make an informed decision. Our services include:
- Development of framework and processes for aligning technology risks with business risks
- Assistance with mapping technology risks and threats to business risks and threats
- Methodologies to develop security testing programs that integrate alignment of technical issues with the business.
