This service evaluates a function or team within your cybersecurity program. The foundation of each assessment is based on reputable practices such as a NIST 800 series document. Remaining testing procedures are developed by Gideon Rasmussen based on 20+ years of cybersecurity experience within corporate and military organizations.

This is a customized service based on the needs of the client. Examples of completed assessments include:

Cyber Exercise Program

Penetration Test Program

Security Awareness Program

Security Operations Center (SOC)

Assessment activities consist of: [1] observation of controls, [2] documentation and artifact review and [3] interviews of the team manager and individual contributors. The assessment is conducted by phone and screen share.

Program architecture is evaluated within the scope of each assessment:

Mission / Vision

Process and Procedures

System of Record

Reporting

Metrics and Trending

Quality Assurance

Deliverables include an assessment report and a slide deck presented to executive leadership.

Fees and Payment

The assessment is billed at a flat rate. The engagement begins once the Statement of Work and Contract are signed and upon receipt of the first of three equal payments.

Phase	Milestone	Amount
1	SOW and Contract Execution	1/3 payment
2	First Assessment Interview	1/3 payment
3	Delivery of Draft Report	1/3 payment

Next Steps

Each engagement can be customized to meet the needs of the client. The first step in the process is to have a conference call to discuss requirements.

Assessment Options

Custom assessments may be conducted based on the needs of the client. Here are examples:

This service offering description provides an overview for informational purposes only. The Statement of Work and the Master Services Agreement are the official documents for each assessment engagement.