Certification and Readiness
Kuma has expertise and experience providing and overseeing managed assessments, audits and certifications, including but not limited to:
• HIPAA Risk Analysis
• HIPAA and other Healthcare Certifications
• Generally Accepted Privacy Principles
• GDPR Compliance
• CCPA Compliance
• Privacy Risk Assessment Methodology
• SOC
• ISO
• PCI
• FICAM
Managed Audits and Certifications
Kuma will lead and guide the organization through the lifecycle of phases to achieve and maintain accreditation, audit and/or certification. This will be accomplished through a series of phases, including Readiness, Managing, and Surveillance. These phases will support comprehensive awareness of the organization’s current state, efficient remediation of preliminary findings, well-organized evidence collection, and successful management of the relationship with the auditing and certifying body.
Managed Readiness
The Readiness Phase supports the remediation of the current state of the organization’s information security management system implementation to satisfy the requirements of the audit and certification initiative. The activities will follow the Deming Cycle (Plan, Do, Check and Act).
Managed Audit
Kuma will serve as the main liaison with the certifying body for the organization throughout the length of the engagement. In this role, Kuma will act as a conduit of information and requirements, as well as facilitate meetings and interviews. Kuma will support and guide the organization through mitigation and remediation activities. Kuma will foster the organization’s ability to track to the targeted timeline for achievement of certification and will project resource allocation and forecast budget impacts based on progress toward certification.
Managed Surveillance
Kuma will serve as the main liaison with the certifying body for the organization throughout the length of the surveillance period in the years following the initial certification year. In this role, Kuma will act as a conduit of information and requirements, as well as facilitate meetings and interviews. Kuma will support and guide the organization through mitigation and remediation activities. Kuma will foster the organization’s ability to track to the targeted timeline for maintenance of certification.