Customers with active Citicus ONE maintenance agreements gain access to new and updated bases of evaluation as we develop them or provide them under licence from third parties (eg the ISF Standard of Good Practice (ISF SoGP), PCI DSS, ISACA COBIT, ISO/IEC 27001).
Customers also gain access to tools such as Citicus Workbench that help them prepare bases of evaluation of their own, or customise ones we supply.
If requested, we can also provide practical advice on developing a basis of evaluation that meets special needs or hands-on assistance with developing one. This entails:
- defining the most appropriate methods of evaluating criticality, controls, special circumstances, threats and the business impact of incidents
- creating a series of determinations of acceptable risk
- devising a harm reference table for use by evaluators
- agreeing these with key stakeholders (including the customer's designated representative)
- finalising the basis of evaluation and documenting it
- handing it over so customer staff can set it up in their system.
Our experienced staff can generally create a new basis of evaluation from existing material pretty quickly (eg within a few hours or days). Devising a new one from scratch takes longer (eg a month).
Both new and experienced practitioners rate Citicus ONE's customization capabilities highly:
"It made the hairs on my arms stand on end when I saw what Citicus ONE generated from the basis of evaluation I prepared."
Controls/compliance practitioner, Global foods company
"It took Citicus just three days to configure Citicus ONE to conduct Privacy Impact Assessments that reflect UK privacy legislation. That's impressive and has given us a solid foundation to start from."
Specialist privacy consultancy