Answer Executive Questions about Information Security Program Maturity.
The developer of TrustMAPP is Secure Digital Solutions (SDS), one of the earliest and most experienced information security consulting firms. SDS developed TrustMAPP's reports for a client CIO who asked for a “clear, quick picture” of his organization’s information security status and three-year strategic plan.
SDS consultants went to work on a concise, visual executive dashboard with at-a-glance summaries supported by detailed process-level metrics. The result was presented and, within 10 minutes, the CIO said he clearly understood his company's security posture and the resources required to make improvements.
Automating best-practice MAPP security management
There was a challenge, though. The MAPP process was manual and time-consuming. After refining the approach during hundreds of real-world engagements, SDS took the next innovative step: Automating the process to make it more rapid, repeatable, and robust for planning. The resulting cloud-based platform is TrustMAPP℠, introduced in 2015, with an enhanced 2.0 version released in early 2016.
"Light-years ahead" in speed, capabilities, and cost-effectiveness
TrustMAPP is one of the only security program management tools to couple the rigorous COBIT maturity model with the NIST CSF and additional industry frameworks in automated assessments. What really makes it “light years ahead” according to security industry observers, are its prioritized recommendations and cost estimates.
With these capabilities, TrustMAPP makes the CISO’s job easier, yet more strategic, by fostering confidence in a company’s information security posture and uniting security and management teams around common discoveries, goals, and budgets.