Contextual Security Solutions Base Assessment of Security Elements (B.A.S.E) audit program is an efficient and cost effective framework to measure and communicate your organizations security posture, as well as evaluate those business partners and service providers you interact with.

The B.A.S.E program includes an assessment of your organizations core technical and administrative controls. Elements included in the B.A.S.E program are listed below

• Critical Controls Audit
• Network Architecture Review
• Network Vulnerability Assessment (External, Internal)
• Penetration Test (External, Internal)

For those organizations needing a deeper dive, the Enhanced B.A.S.E  program includes all of the Elements found in the standard B.A.S.E program, but also adds a Physical Controls Assessment, a Security Awareness Assessment, a Web Application Assessment, and a Wireless Architecture Assessment.

The B.A.S.E audit program is designed to be completed on an annual basis, with results from the current year being compared to those of previous years to gauge improvement and return on investment (ROI). In essence, the initial B.A.S.E certification establishes a Baseline, with subsequent years providing a Barometer of your organizations security posture.

Contextual Security Solutions also provides B.A.S.E  programs tailored to specific industries. Three B.A.S.E  programs have been developed for those organizations that process, transmit or store Healthcare data (i.e. protected health information). As an added benefit, each program includes a risk assessment component that can be used to meet Core Objective 14 (Eligible Hospitals) or Core Objective 15 (Eligible Professionals) for those healthcare organizations applying for Meaningful Use funds.

Contextual Security Solutions has created a B.A.S.E-H program specifically tailored for hospitals and other covered entities. The B.A.S.E-H program adds a HIPAA/HITECH compliance assessment as well as an assessment of those critical controls responsible for securing healthcare data during processing, transmission and storage. The B.A.S.E-H also includes a focus on mobile device security and media disposal policies and procedures, which are two primary contributors that have resulted in healthcare organizations having to report a breach of unprotected healthcare data (source: Health & Human Services list of Breaches Affecting 500 individuals or more).

The B.A.S.E-V program provides a way for healthcare service providers and vendors to communicate their commitment to information security to potential clients as well as a way for hospitals and large healthcare organizations to annually monitor the security posture of those business associates they share data with. The B.A.S.E-V program includes those same Elements found in the standard B.A.S.E-V program, with specific focus applied to those assets used to secure data under their charge.

Contextual Security Solutions’s B.A.S.E-P program was created specifically for eligible professionals (e.g. physicians groups)who are committed to securing their patients sensitive information. The B.A.S.E-P program is cost effective and includes a HIPAA compliance audit and an assessment of the eligible provider’s security controls with focus on those critical assets (e.g. EHR) that house patient data (protected healthcare information). The B.A.S.E-P program also can be used to satisfy Core Objective 15 for those eligible professionals applying for Meaningful Use funds.