Secureworks Information Security Controls Assessment
Secureworks Information Security Controls Assessment ⫘
Important
The service listed above is only available to any customer for whom IMR was quoted on or before to March 31, 2022, and that customer executed a Transaction Document for the IMR within 90 days of the quote. By selecting this Service, Customer acknowledges and agrees that, notwithstanding anything to the contrary set forth in Customer’s agreement with Secureworks, Secureworks may subcontract these Services to Insight Direct USA, Inc., provided that, Secureworks will remain responsible for the performance of the Services to the same extent that it would be liable for its own acts or omissions.
Service Overview ⫘
Secureworks will assess your security controls as related to a Secureworks proprietary framework that considers multiple factors, including best practices in your industry. The Assessment will be conducted remotely through teleconferencing tools such as Microsoft Teams.
Service Methodology ⫘
The assessment process consists of three components: Initial Meeting, Assessment, and Concluding Activities.
Initial Meeting
Secureworks will contact you to schedule the initial meeting, which will be conducted remotely through teleconference. You will review the Statement of Work, schedule the Assessment, and discuss the following:
- Goals and objectives for assessing security controls
- Roles and responsibilities
- Scope definition
- Project schedule and milestones
- Report requirements
- Your Subject Matter Experts ("SMEs") and points of contact ("POCs")
- Request for Documentation list
- Logistics for Assessment
Assessment
During the scheduled time period, a Secureworks consultant will conduct activities (such as interviewing your personnel) related to assessing your security controls. You will determine whether the assessment will be conducted on-site at one or more of your locations, or remotely through teleconference(s). Your in-scope policies, standards, guidelines, procedures, and other documentation will be assessed, taking into consideration your industry.
Concluding Activities
During the period following conclusion of the Assessment, Secureworks will do the following:
- Analyze documentation you provide as related to security best practices in your industry
- Identify and validate technical, operational, and strategic areas of improvement in your security controls
- Conduct additional discussions and activities with your SMEs as needed
- Create Final Report (includes analysis of your security controls and documentation as related to security best practices in your industry recommendations for improvement, and other information)
- Send Final Report to your POC(s)
Outcome ⫘
You will receive a report that includes analysis of the security controls and related documentation, and recommendations for improvement.
Scope and Service Units ⫘
Conducted remotely through teleconference; 8 Service Units; Executive/Board presentation can be added for 6 Service Units
Scheduling and Booking Information ⫘
See Service Scheduling for information about scheduling this service.