We provide an effective tool for officials and/or executives who are responsible for security of the entire organization and who wish to determine, very quickly, what the strong and weaker aspects of the organizations security posture are. The RHEA Security Program Diagnostic informs senior managers about the health (maturity) of the Security Program at a very strategic business level – it is a short, concise assessment of security that can quickly focus the organization on the issues, challenges and actions that should be of most concern to senior management.
It is a strategic exercise, conducted by proven and experienced former security executives, that assists senior business managers in determining how effective the organizations’ overall security program is today and what needs to be done over the coming 6, 12 and 24 months to address the most serious security deficiencies or program adjustments.
How we do it?
For Security Program Diagnostics, RHEA only assigns executive-level Security professionals who have proven records of accomplishment in managing large security programs effectively and efficiently.
They are familiar with all of the requirements e.g. (governance, policy, human resources, budgeting, organizational structures, planning, delivering, monitoring, course-adjusting, reporting, management support tools, etc...) in order to deliver a sound and effective security program.
- Capture information about the client, including but not limited to; the business drivers; legislative, regulatory and policy obligations; the internal security support organization, risk profile, budget, policies, procedures, practices, measures, tools and systems; via a comprehensive diagnostic questionnaire.
- Review corporate documentation;
- Interview key personnel using the RHEA’s Security Program Diagnostic Questionnaire to ensure consistency of approach.
- Comparing (benchmarking) the organization with preferably two (2) other organizations of a similar size.
- Analyze and consolidate the completed questionnaires to determine what works well, what works very well and what areas need improvement.
- Attribute ratings to each security control objective area (e.g. unsatisfactory – satisfactory – very good, or other terms as selected by the client).
- Develop recommended actions and suggest potential solutions for improvement where and if applicable.
- Prepare and present of a Security Program Diagnostic with a short Executive Overview, which includes a proposed Action Plan with Key Performance Indicators (KPIs) and a 15 to 20-minute strategic presentation to Senior Corporate officials, with a question and answer period, on the results of the diagnostic.
What do we deliver?
We will deliver the following:
A Security Program Diagnostic that informs senior managers about the health (maturity) of the Security Program. The Diagnostic is a short, concise assessment of security that can quickly focus the organization on the issues, challenges and actions that should be of most concern to senior management.
What projects have we delivered?
RHEA Inc. delivered Security Program Diagnostics to many Federal Government departments and agencies, always ensuring their total satisfaction. Our list of clients includes:
- Exportation Development Canada (EDC)
- Office of the Information Commissioner of Canada (OIC)
- Transport Canada
- Heritage Canada