IT Security Diagnostic Program

One of my first engagements with Info-Tech. It gave me a lot of insight into an area where I am a newbie. I also got directions, references, and resources to look into. Thumbs up.

The ability to perform a self evaluation of our security governance was an invaluable starting point for development of our security roadmap. The process was well structured and the analyst was extremely helpful. The greatest challenge is using the information gathered to begin the process now.

The overall methodology of the survey and the result and recommended actions are all valuable information.

Consultant needs higher quality voice communication tools... microphone, headset, etc.

Wesley's input on prioritizing areas for improvement was valuable.

Best: It confirmed some gaps we thought we had. Worst: Doesn't give a benchmark against other survey participants to show if we are good, better, or worse than others.

Completing the survey for the diagnostic was easy. The completed diagnostic report we were given provides a good insight. The adviser was needed to put it in perspective and give clarity on the action steps. The report could be overwhelming otherwise.

Positive and informative interaction. Really appreciate what your team has to offer.

Great opportunity to baseline the security program.

Good experience; no downside really.

The diagnostic report is easy to read, follow, and understand and, importantly, it includes recommendations for action with the description of the issues. Going through the report with the security expert from Info-Tech helped us to understand more thoroughly and, through discussion, helped to identify which areas should be our priorities. This will help us move forward quickly and get the most benefits faster.

No worst aspects, except many of the solutions seem to be designed for mid to large organizations and require many internal resources to complete. Best aspects include confirmation of my analysis and provides insight into areas, processes, or concepts I may not have thought of.

Got a ton of information from a very basic set of questions.

I find incredible value in the insight provided. The reports are very easy to understand and use in supporting a change or move in a certain direction.

Best - Validation. Worst - More details on how to execute on direction/vision would save even more time.

Tons of information.

Coordination, question assessment, and people.

All excellent stuff; no down side.

I think Info-Tech's guidance is always well-presented and useful, and we're incorporating much of that guidance into our work plans. I'm also most comfortable starting most initiatives at the most basic level of engagement (e.g. downloading blueprints and roadmaps), but sometimes I feel like there's more of a focus on more involved levels of engagement (often outside of the scope of the subscription).

I can't put a dollar figure on it right now. And the survey is unforgiving when asking for a dollar amount. Regarding the feedback – it was very good. I received good feedback.

A very good experience. It gave me a baseline so that our BRM group can start having meaningful conversations with our customer regarding security.

I can't put a dollar figure on it right now. And the survey is unforgiving when asking for a dollar amount. Regarding the feedback – it was very good. I received good feedback.

Cameron is very helpful.

Best - Very structured process and review. Worst - Generalized, rather than specialized knowledge.

Best: Structured process. Worst: General expertise.

The analyst was very thorough and asked relevant questions to determine how to best use the data to our benefit. The analyst sometimes spoke too rapidly, which made it hard for me to understand him.

Presentation was helpful and informative. Gained some great insights and direction on where to focus.

Best - Sharing his experience about how others compare and putting the results in perspective. Worst - Some of the survey questions were ambiguous.

This was a valuable process to walk through. A good experience. Not all aspects are relevant to a very small shop like mine. We have a low budget, and maybe 1/2 or 1/4 resources dedicated to security. We do not have the luxury to put in place some items that are mentioned in the questionnaire.

Very good insight of ELE Security Governance.

I valued the freeform comments in the survey as well as the Info-Tech feedback on the scores.

Verified that our plan is going in the right direction.

Wesley provided great guidance and did a nice job of explaining the report. There were some technical issues that caused a little static in the connection on the second call.

Well-presented overall security posture, with attention paid to outstanding issues or questions.

Overall, it's a good report but it lacks some detail.

The amount of time it took to arrange the meeting.

Sometimes hard to interrupt for questions.

Gives us a good baseline to begin from and direction to go.