Security Advisory team transforms client security governance documents and aligns them to the industry-recognized NIST Cyber Security Framework

Company Bio:

A major chain of health clubs in the US and Canada. It provides cutting-edge skills training, expert instructors, and luxurious spaces to help people exceed their potential.


The challenge:

The firm was growing rapidly with its innovative digital solutions for the health and well-being of its clients during the pandemic. However, the organization's cyber security culture and maturity were poor and could introduce new cyber risks. In addition, the client was constantly receiving requests for security governance-related documents from its partners and auditors, which put it on the back foot, and a number of actions were assigned to them for lack of adequate security governance-related documents. The client therefore wanted to address both challenges and mitigate any future cybersecurity-related risks.


As SSL was a strategic advisor to the client, they approached the Customer Security Advisory collaborative team, based in the UK, to support them on this journey to review, develop and transform their security governance documents and align them to the NIST Cyber Security Framework and the low baseline control set.


The solution:

  • SSL conducted workshops with client stakeholders to evaluate the firm's control environment, current security culture, maturity, and alignment to the NIST Cyber Security Framework.
  • Reviewed existing security governance documentation and performed a gap assessment against the NIST CSF to evaluate which controls are relevant to the client's control environment.
  • Developed a fit-for-purpose Information Security Policy, supporting Standards and a Controls Catalog aligned to the NIST 800-53 Low baseline control set.


The result:

With SSL's assistance, the client was able to get buy-in from internal stakeholders and executives, which ultimately led to the publication and implementation of the newly created Information Security Policy and Standards within the client environment.

This could reduce the client's risk exposure and increase its maturity.

Finally, the client was also able to demonstrate its governance responsibilities to its partners and auditors.