Print

Security Review

What is a security review?
A security review is a collaborative process used to identify security-related issues, determine the level of risk associated with those issues, and make informed decisions about risk mitigation or acceptance.

When is a security review needed?
A security review should be completed for all services and service changes that may affect security prior to go-live. Security reviews can also be performed for existing services if business or technical partners determine one is needed – typically in response to security concerns or new security-related requirements.

Steps for completing a security review:

1. Brainstorming: Identify known or potential security concerns/threats/vulnerabilities

  • To be done by technical and business partners together, including IT Policy and Security. This can be by a Service Team if all parties are represented
  • The Service Manager or convener of the review should seed the list with already-identified issues prior to the larger brainstorming session
  • Note: Common issues are identified in the "seeded" version of the template (link above). Not all pre-seeded issues will apply to all situations. This template also has space to add project-specific issues in addition to the pre-seeded issues.

2. Identify existing and planned/scheduled mitigations for each issue
3. Rank likelihood (low/med/high) of the issue occurring given existing/planned mitigations, and impact if it were to occur (low/med/high)
4. Identify residual risk (low/med/high); risk = likelihood x impact
5. Identify additional possible mitigations to address residual risk, and effort/cost (low/med/high)
6. Present information to business partner or Service Sponsor for acceptance/non-acceptance of residual risk.

  • Acceptance or non-acceptance should specify any conditions or acceptance as-is.
  • Where additional action is required, identify action items, owners, and dates where possible.

About ADL

ADL provides full service consultation, design and installation of closed circuit television and electronic locking systems. These systems are used to provide premises, entry, exit and adjacent area monitoring which will enhance security and provide protection against vandalism, theft and burglary in both residential and commercial settings. We offer a broad range of products.

Contact Us

  • ADL Technology Consulting Group,
    2440 Broadway, Suite # 233
    New York, NY 10024
  • Call us: 212-340-9434
  • Email : This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Email : This email address is being protected from spambots. You need JavaScript enabled to view it.

Copyright © 2017 ADL Technology Consulting Group, Designed by eBrands NY