Comprehensive Security Vulnerability Assessment

PCIS: Trusted Security Advisors

Business technology is a constantly changing and evolving area of any modern organization. This constant progression requires regular investigation and re-evaluation of process, people and security. By adopting a process which recognizes the information security model ensures that critical issues, gaps, and business processes are regularly investigated and adapted to reduce the potential exposure and risk to the organization.



Business Technology Security Lifecycle



The PCIS Methodology

Assessments can take on many names and vary in terms of methodology, rigor and scope. However, the core objective remains consistent - identify and quantify the risks to an organization’s technology and information assets. The risks present within technology and business data has precipitated the need for organizations to become proactive in understanding their security needs. PCIS’ Security Vulnerability Assessment provides a wealth of foundational information which helps organizations move decisively towards developing a proactive security posture.



Activity includes focus groups, worksheets, interviews, and capturing data to develop a clear
understanding of the organization’s people, process and technologies. In evaluating the collected
information a detailed Assessment Execution Plan is created. The purpose of this plan is to efficiently
guide activity throughout the following Security Assessment engagement. If specifc regulatory
requirements are a consideration, evaluation tasks designed to meet all regulatory requirements are
also defined with the Assessment Execution Plan.
Assessment activities are conducted within the contexts dened within the Discovery engagement, these
  • Information sharing (verbally, visual demonstrations and documentation)
  • Observing (configuration and execution of policies)
  • Scanning for vulnerabilities using software-supported and manual tests
  • Reviewing of organizational security policy and technical documentation
For most organizations, Assessment activities can be completed remotely, minimizing the need for on-site
scheduling and demands on their internal resources.
200 OK


The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.