Our approach will be to conduct each engagement using our proven, three-phased methodology. Our experienced engagement team will first obtain an understanding of your business before executing our proven methodology. We coordinate the logistics of the engagement with your personnel to acquire the necessary information to complete the engagement objectives.
Phase I – Planning and Scoping
The objectives of this initial phase are to refine and finalize the scope of the work to be performed and to develop a suitable work plan. This will take into account business requirements and constraints of the organization and including, including identifying procedures based on our risk assessment.
Phase 2 – Fieldwork
Once procedures have been identified and documented by the client, we will commence fieldwork. During this phase, we will:
- Confirm the stated control procedures are still valid and apply to the environment
- Test the stated control procedures for design and/or operating effectiveness
- Document the results and conclusion. Any exceptions we find are communicated in the following manner:
- Real time as issues are identified
- Weekly status meetings with Management
- The draft and final report
Phase 3 – Reporting of Results
After fieldwork is completed, we prepare and provide a draft report to client management for final input. Once all input is received, we prepare and issue the final report.
CyberGuard Compliance, its partners, employees, and others involved in the certification of organizations fully understand the importance of impartiality in undertaking its certification activities.
CyberGuard Compliance will therefore ensure in its dealings with current or potential clients that all employees, or other personnel involved in certification activities are, and will remain, impartial.
To ensure that impartiality is both maintained and can be demonstrated, CyberGuard Compliance has identified and assessed all relationships which may result in a conflict of interest or pose a threat to impartiality.