It is sometimes referred to as a Pre-Audit. A gap analysis is mainly done at the beginning of the certification or compliance journey to assess what is currently in place against the set of requirements for which every control is to be implemented.
If you are in a regulated industry or need to be in compliance with a particular Cybersecurity Framework, we can perform that analysis. Getting a third-party Gap Analysis will help you understand precisely what your next steps may be.
DataSoftNow will perform an initial vulnerability scan on your entire network. Then we will perform a Control Assessment (NIST, CIS, HIPAA, ISO) based on your industry or regulation and provide you with a thorough gap report. Comparing the gap report and vulnerability scan results with your industry or regulated compliance Framework will give us the information needed to complete a Plan of Action.
Now, you can put a plan in place and understand the time and the costs to get you to your end goal.