The B.A.S.E program includes an assessment of your organizations core technical and administrative controls. Elements included in the B.A.S.E program are listed below
- Critical Controls Audit
- Network Architecture Review
- Network Vulnerability Assessment (External, Internal)
- Penetration Test (External, Internal)
For those organizations needing a deeper dive, the Enhanced B.A.S.E program includes all of the Elements found in the standard B.A.S.E program, but also adds a Physical Controls Assessment, a Security Awareness Assessment, a Web Application Assessment, and a Wireless Architecture Assessment.
The B.A.S.E audit program is designed to be completed on an annual basis, with results from the current year being compared to those of previous years to gauge improvement and return on investment (ROI). In essence, the initial B.A.S.E certification establishes a Baseline, with subsequent years providing a Barometer of your organizations security posture.