Assessing Compliance & Policy Gap Analysis

Assessment Services

C2C SmartCompliance’s consultants are trained auditors and assessors with extensive experience and can assist organizations undertaking or creating custom assessments. C2C has developed over 200 national and international assessments spanning multiple regulations, standards and best practices.

C2C’s assessment methodology uses either the CAP™ product (stand-alone) or Compliance Mapper™ (web-based) to achieve effective and efficient assessment capabilities and results.

Outputs from Assessment Include:

  • Assessment Results
  • Gap Analysis
  • Comparative Analysis (from multiple respondents)
  • Bar Charts
  • Pie Charts
  • Radar Charts

Some Assessment Examples Include:

  • ISO/IEC 31000 Risk Management
  • Cross Border Flows of Information
  • State of Massachusetts
  • Sarbanes Oxley
  • Physical Security
  • Cyber Security
  • ISO/IEC 20000 IT Service Management System (ITSM)
  • ISO/IEC 27001 Information Security Management System (ISMS)
  • ISO/IEC 38500 IT Governance Management Standard
  • ISO/IEC 22301 Business Continuity Management System (BCMS)
  • ISO/IEC 9001 Quality Management
  • NIST 800-53 Security Controls Catalog

Policy Gap Analysis

Using the capabilities and flexibility built into Compliance Mapper, C2C SmartCompliance consultants can map your organizational policies to the multiple regulations, standards and best practices with which your organization is required to align, and provide a comprehensive gap analysis report showing any deficiencies in the policies. C2C’s methodology ensures that the output of the mapping gives your organization a comprehensive view of the quality of the policies linked to the specific requirements.