GRC SERVICES

GOVERNANCE, RISK, COMPLIANCE

3 Tree Tech offers you a comprehensive assessment considering NIST Cyber Security Framework (CSF) and Incident Response Table-top Workshop. Upgrade your Technology stack with solid security and reliable compliance.

NIST Cyber Security Framework (CSF)

Baseline Maturity Assessment

This current state assessment considers NIST CSF 2.0 components. The assessment approach includes inquiry meetings and review of selected documentation and observation items to be requested during the review process.

The review may include Client operations, general business, and significant production systems, as confirmed in scoping. Key providers will be identified during this review.

Scoring results are provided for categories and subcategories of the CSF Framework.

Planned Activities for SOW Inclusion

The table below outlines the key activities and deliverables, and can be used directly in an SOW.

Incident Response
Table-top Workshop

This table-top workshop is structured to allow a Client to thoroughly test its incident response (IR) plan design and effectiveness. The working session structure also facilitates training, awareness, and business impact understanding beyond the specific test itself.

The test can be structured focused on executive-level considerations, operational activities of the security and technology teams, or a combination. The workshop is designed for a two-to three-hour timeframe, with a full detailed gap summary and recommended provided within one week of the session.

Planned Activities for SOW Inclusion

The table below outlines the key activities and deliverables, and can be used directly inan SOW.

  • To exercise key components of the Incident Response Plan in order to validate effectiveness of communication and recovery procedures.iption text goes here

  • To promote enhanced understanding of responsibilities in the event of an incident situation. Description text goes here

  • Determine if targeted plan and procedures are reasonable for recovery and compatible with cross-functional plans and activities.

  • To confirm understanding of roles and responsibilities and decision-making processes.

  • To identify any improvement opportunities that could be taken today to better prepare the organization for responding to an incident.

Incident Response Exercise Objectives

Reach us now.