Verizon Security Program Assessment

Discover your security gaps, program maturity and ways to reduce risk

Evaluate your security program against commonly used industry security standards

Maintaining compliance with laws and industry regulations can be challenging in an enterprise environment. The Security Program Assessment (SPA) (formerly known as Business Security Assessment) is a point-in-time assessment that addresses how well an organization is meeting their security requirements compared to a specific regulation or industry framework. The SPA provides a tangible and repeatable measure of the customer's security program and promotes the desired future state of control maturity.

The SPA can be done as a one-time assessment, annually, or every two to three years to help an organization measure growth. It is an independent assessment of security controls implemented across an organization in comparison to industry standards and regulatory requirements. By understanding security gaps and how mature current security practices are, the organization can optimize their security investments and resource allocation. The assessment is especially helpful to businesses that are not as mature and need an assessment of their security program to help determine where they may be vulnerable.

The SPA is available in fixed price packages with Small, Medium and Large options. Custom scoping is also available for customers that do not fit into one of the packages.

Top Features

  • Variety of standards

    Select any common standard for evaluation, such as NIST CSF, NIST 800-53, ISO 27002, or HIPAA/HITECH.

  • Non-invasive

    Assessment does not require in-depth access to systems or disruption of business processes.

  • Objective and repeatable

    Supports security and compliance audits, evaluation of remediation activities.

  • Relevant across industries

    Applicable to regulated and unregulated industries, companies of all sizes.


Additional Information