Government Cybersecurity Assessment

NIST CyberSecurity Framework

Our Information Security Managerial Controls Review (MCR) assesses the organization’s security program including:

• Policy Documentation

• Information Systems Policies Review and Assessment

• Procedure Documentation

• Technical Controls and Aggregate Security

Through interviews, documentation review, and testing, E3 evaluates an organization’s adherence to a desired standard.

This security framework is a voluntary standard consisting of guidelines and best practices to manage cybersecurity-related risk. E3 has worked with both version 1 and 1.1 of the framework and helped government and private organizations who have chosen to adopt this methodology for managing their information security risk. There are five main categories within the framework. Each of the five categories are broken into sub-categories with defined objectives. We can help assess organizations to determine if they are meeting these objectives, and identify areas of weakness that need to be improved.