Whether you are delivering one or buying one, understanding what goes into a framework assessment for any compliance area is essential to cost-effective, high-quality outcomes. Whether it is privacy, security, SDLC, or regulatory, all framework assessments should be conducted using the same methodology to provide consistency and assure consumers they are worth more than the paper they are printed on.
Using the NIST CSF and CMMI frameworks, we will walk through all the steps in an assessment process including determination, purchasing, execution, reporting, and certification. We will examine what goes into the maturity ratings, and how to conduct the assessment in a diplomatic manner to provide value and be efficient.
Attendees will obtain an solid understanding of what constitutes a quality framework assessment and what garbage looks like using examples drawn from 30 years of work at some of the largest, most exacting companies in the world.