CMA incorporates our insight into global best practice from the public and private sectors and addresses six key dimensions that together provide a comprehensive and in-depth view of your cyber maturity as shown below:
- Leadership and Governance: Board demonstrating due diligence, ownership and effective management risk
- Information Risk Management: the approach to achieve comprehensive and effective risk management of information throughout the organization and its delivery and supply partners
- Operations and Technology: the level of control measures implemented to address identified risks and reduce the impact of compromise
- Human Factors: the level and integration of a security culture that empowers and ensures the right people, skills, culture and knowledge
- Business Continuity and Crisis Management: preparations for a security event and ability to prevent or reduce the impact through successful crisis and stakeholder management
- Legal and Compliance: regulatory and international certification standards as relevant.
A CMA of your organisation will give you an in-depth review of:
- Your ability to protect information assets
- How mature your approach to information assurance is
- Your preparedness against cyber attack.
Working with your team and conducting a combination of interviews, workshops, policy and process reviews and technical testing, KPMG’s CMA team takes a positive view of managing cybersecurity.