Infrastructure Assessment
An assessment process allows you to evaluate the strengths and weaknesses of your Information System and identify all possible improvements applicable
Within the life cycle of an Information System the assessment can be considered both as the final moment of its life cycle, in which you make a diagnosis of the state of the system to understand whether it is necessary to implement corrective actions in the face of your business needs, either as the initial moment preceding the feasibility study for the implementation of a new system or the application of corrective actions to the existing system.
We discover the weaknesses of your systems to learn how to better protect them
An assessment process allows you to evaluate the strengths and weaknesses of your Information System and identify all possible improvements applicable
Within the life cycle of an Information System the assessment can be considered both as the final moment of its life cycle, in which you make a diagnosis of the state of the system to understand whether it is necessary to implement corrective actions in the face of your business needs, either as the initial moment preceding the feasibility study for the implementation of a new system or the application of corrective actions to the existing system.
When is an Assessment required?
- in the planning and control process of IT systems
- in critical situations regarding the provision of service processes to identify the true origins of malfunctions and distinguish between causes due to the system or external to it
- when a crisis situation inside the information system is tangible and you want to correct or prevent system malfunctions
- when you want to increase the efficiency and effectiveness of the IT within your organization
The Infrastructure Assessment process consists mainly of::
- perform an analysis to assess the effectiveness and efficiency of the information system
- perform a diagnosis to determine the causes of incorrect operations and identify the origin of the criticalities
- identify the “therapy”, that is the corrective and improvement actions for the systems under analysis
When is an Assessment required?
- in the planning and control process of IT systems
- in critical situations regarding the provision of service processes to identify the true origins of malfunctions and distinguish between causes due to the system or external to it
- when a crisis situation inside the information system is tangible and you want to correct or prevent system malfunctions
- when you want to increase the efficiency and effectiveness of the IT within your organization
The Infrastructure Assessment process consists mainly of:
- perform an analysis to assess the effectiveness and efficiency of the information system
- eseguire una diagnosi per determinare le cause di funzionamenti non corretti e identificare l’origine delle criticità
- identify the “therapy”, that is the corrective and improvement actions for the systems under analysis/span>
Operating method
The operating scheme adopted by System Innovation for the Infrastructure Assessment activity includes a series of methods aimed at making the results available to the customer in the shortest possible time according to the analysis perimeter. These methods are divided into five phases:
Kick-off Meeting
- Establishment of the working group.
- Sharing of the analysis perimeter and the results expected by the customer.
- Planning activities and estimating times.
- Processing of the RACI matrix.
Gathering of Information
- Interviews with the customer’s key users.
- Data and information collection through the use of questionnaires.
- System Inventory work performed on-site for assets connected to the network.
- Systems criticality detection with the help of automated tools.
- Acquisition of pre-existing documentation.
- Acquisition of documentation relating to specific anomalies found in the past.
Information Analysis
- Analysis of the obtained information and verification of its completeness and consistency.
- Targeted insights into specific areas where the information collected is incomplete.
- Processing of collected data for the preparation of deliverables.
Report and Presentation of Results
- Presentation of the report on collected data and identification of the main areas of intervention for the improvement of safety, performance and resilience.
Delivery Deliverables
- Asset inventory report.
- Summary document drawn up on the basis of the vulnerabilities detected by the VA tool.
- Network and ICT infrastructure diagram.
- Final technical report with details of the most critical points detected and indication of the actions/ solutions to be adopted for risk mitigation.
Kick-off Meeting
- Establishment of the working group.
- Sharing of the analysis perimeter and the results expected by the customer.
- Planning activities and estimating times.
- Processing of the RACI matrix.
Gathering of Information
- Interviews with the customer’s key users.
- Data and information collection through the use of questionnaires.
- System Inventory work performed on-site for assets connected to the network.
- Systems criticality detection with the help of automated tools.
- Acquisition of pre-existing documentation.
- Acquisition of documentation relating to specific anomalies found in the past.
Information Analysis
- Analysis of the obtained information and verification of its completeness and consistency.
- Targeted insights into specific areas where the information collected is incomplete.
- Processing of collected data for the preparation of deliverables.
Report and Presentation of Results
- Presentation of the report on collected data and identification of the main areas of intervention for the improvement of safety, performance and resilience.
Delivery Deliverables
- Asset inventory report.
- Summary document drawn up on the basis of the vulnerabilities detected by the VA tool.
- Network and ICT infrastructure diagram.
- Final technical report with details of the most critical points detected and indication of the actions/ solutions to be adopted for risk mitigation.