Get started Bring yourself up to speed with our introductory content.

Has a kick-off meeting been held for the security site assessment?

As the execution of a security site assessment begins, service providers should hold a formal kick-off meeting with their clients. Learn what aspects of the assessment should be discussed at this meeting.

About the author
Joel Scambray has held diverse roles in information security over a dozen years, including co-author of Hacking Exposed: Windows and Hacking Exposed: Web Applications, senior director of security at Microsoft, co-founder of security technology and service company Foundstone, senior security consultant for Ernst & Young and internationally recognized speaker in both public and private forums. Listen to the supplemental podcast with Joel for more information on security site assessments.

A typical kick-off meeting should give relevant stakeholders a formal alert of start of work, provide contact information to relevant team members, define emergency escalation procedures/channels, review and confirm the project plan, set the schedule for regular status communications/meetings and so on. A well-organized kick-off meeting held on the first day of the project (or slightly before) provides good insurance that expectations are understood -- and thus likely to be met! -- on both sides of the table.

This was last published in May 2008

Dig Deeper on Cybersecurity risk assessment and management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.