Analyze Scenarios to Secure the Enterprise
Many CASPs may be asked to carry out relevant analysis for the purpose of securing an enterprise. Common methods to help achieve this goal include benchmarking, prototyping, analyzing, and reviewing the effectiveness of existing controls.
Benchmarking and Baselining
In the world of information security, a benchmark is a simulated evaluation conducted before purchasing or contracting equipment/services to determine how these items will perform once purchased. A baseline is a minimum level of security to which a system, network, or device must adhere or maintain.
Another area of benchmarking that is evolving is related to best practices, controls, or benchmark requirements against which organizations can be measured. The concept of compliance is sometimes compared to benchmarking, because you may need to specify a level of requirements or provide a grade when measured against the predefined requirements.
One example of this is the Federal...