Cyber Security: Governance and Compliance Readiness Assessment

Facing a deadline to meet new government regulations, our client needed to assess its readiness to comply with those regulations – or face losing a significant part of its business. As a prime contractor or subcontractor to U.S. government agencies, this global infrastructure and engineering company needed to understand any compliance issues so it could address them and preserve an important revenue stream.

Team meeting in modern conference room

Challenge

Facing a deadline to meet new government regulations, our client needed to assess its readiness to comply with those regulations – or face losing a significant part of its business. As a prime contractor or subcontractor to U.S. government agencies, this global infrastructure and engineering company needed to understand any compliance issues so it could address them and preserve an important revenue stream.

 

Experis Solution

Experis used its compliance assessment methodology – discovery, scoping, analysis, and reporting – to evaluate the client’s compliance obligations, assess its state of compliance readiness, and develop a roadmap of recommended corrective actions to achieve compliance.

We evaluated information protection policies, processes, and controls; governance capabilities; technical controls; and risk management processes to determine critical risks and threats. Experis identified critical compliance gaps and process improvements for the client to achieve regulatory compliance. The compliance readiness report included:

  • A high-level compliance posture for the organization
  • A prioritized list of identified risks, control weaknesses, and compliance gaps
  • A roadmap of cost-effective and actionable recommendations
  • An executive summary of critical gaps and near-term actions to consider.

 

Results

Experis provided a fair and impartial assessment of the client’s compliance readiness, which confirmed program weaknesses and exposed critical and previously unknown compliance issues. Our roadmap for remediation gave the client the clear path it needed to achieving compliance.

Experis also shared its knowledge with the client’s security team to elevate their skills. Our assessment and recommended actions suggested improvements to the client’s overall information security posture beyond the compliance initiative, reflecting the extended value Experis brings to every client engagement.