5+ Security Gap Analysis Examples & Samples – PDF, Word

These days, people rely too much on computers. The moment you wake up, we use the Internet. On the way to the office, you book a cab using the Internet. Inside the office, everything is done through the use of the Internet. Everyday, we use the Internet. But how safe is our Internet? How safe are we on relying the Internet? You may also see information technology gap analysis examples.

• 7+ HIPAA Security Risk Analysis Examples PDF
• 9+ Software Gap Analysis Examples PDF

Security gap analysis are designed to check loopholes, inconsistencies, gaps of the Internet. But let us try to understand what gap analysis is in its general definition. You may also check out here policy gap analysis examples.

Security Gap Analysis Example

Cyber Security Gap Analysis Example

Gap Analysis

A gap analysis is used to identify gaps between the current situation and the ideal one. The purpose of which is to achieve what has been set as an ideal one. For example, in education, the student may set a target of himself not to be always complete in attendance. That is the ideal. But how about the current situation? The current situation could be that he does not go to school everyday.

So, the ideal is not matched or not consistent with the actual situation. That is what gap analysis is. It tells you where you are, where you want to be, and graphically illustrates the gap between the two. But the end purpose of it all is to improve, it is not just there for the sake of seeing the difference or the gap. You may also check out here education gap analysis examples

In computers, the ideal protected computer is that one in which there is an anti virus program, and that it can not be hacked easily. When we say that a computer is safe, well protected, it means it is safe online and not just locally (LAN) speaking. You may also see data gap analysis examples.

Gap Analysis and Risk Assessment Example

Steps in Doing Gap Analysis (in General)

Gap analysis is a process. It is a process of how one can achieve what he wants to be, how his performance should be, and what he should be doing to reach his goals. There are many ways of doing it. Here is one basic steps in doing it. The examples we use here are not about internet, but we will try to use them at the end, after we demonstrate it in general sense. You may also see training gap analysis examples.

Preparation. This is about data gathering. Here, you try as much as you can to get all the information needed in the assessment. You may ask, where do you get this, where should you go, who should you ask about what? What is this all about?

Identify. Now that you have some data, it is time you identify each elements. Identify where you are. Identify what you have, and what you do not have. But also, identify the things as expected of you, as expected of the company to be doing. So if you have letter A (What you want to be), B (the Gap), and C (Where you are now). You try to identify what is in letter A and also, you try to identify what is in letter C, what you are now, how you are doing. But you have not analyse anything yet. But somehow along the way as you gather some data, you slowly sort them, and you would notice something, eventually. You can somehow tell that it is getting of along the way. You may also see market gap analysis examples.

Evaluate. It is here now that you examine them. You now make a comparison between the two, the A and C. Are they match? Is the color red in A the same color red in C?  Or does one look less red? Is the one yellowish? In the process of doing, you are slowly filling the gap. You are slowly realizing that there is a gap in between. That will slowly fill the gap. And you now have some elements, date in letter B. Here you may realize that probably there are more items in letter A than there are in letter C.

So in numbers there could be 5 in A, and only 3 in letter C. That means there is a mean difference of 2 in letter B. Now that is an evaluation. Now, we have just given two kinds of examples, the qualitative one which is the colors, and the quantitative one, which is about numbers. Now are you ready for the application? You may also see product gap analysis examples.

Applications. So how do you apply gap the actual gap analysis. Actually, you already started it. But the real thing happens when you do something about it. What would you do if two things do not match. For example, what would you do if one color is Red, that is in letter A, and in the other one, it is not Red, maybe it is just Red Orange, that is in letter C. Or what would you do if the sum total of the items in letter A is 5, whereas in letter C it is only 3. You may also see gap analysis examples & samples

In other words, what would you do to make the Red Orange look like Red? Or how you turn Red Orange to Red? Would you throw it way and make another painting of red? Or maybe you would add some red pigment into it?

Or what would you do if in letter A, (the ideal) you have 5, but in letter C, or what you have, you only have 3? Maybe you would add two more items to make it 5. That is how you make applications. But there are any other ways of doing it. The one we have here is just one example. You may also see gap analysis report examples.

Follow Up. The process that we do in a gap analysis are to fancy but still we are able to make it. The real problem is making a follow up. Using the example that we have, when you try to change the red orange color to red, was it really successful? Did it really change to red? And what did you do afterwards?

This is what is missing mostly in our system, making a follow up. It does not seem to look very critical among the steps, but it actually is very important. So if in trying to get the red color, you still fail, what would you do. Perhaps make another one. And if you fail again, make another one, until you get the right way of doing it. Until you get the final, correct product. Or in in your attempt to reach 5 items, you only have 4, coming from 3, what do you think you should do? Well, make do it again until you get the ideal number of 5. That will make the approach of gap analysis not futile. That makes gap analysis, very useful. You may also see healthcare gap analysis examples.

Conducting an Information Security Gap Analysis Example

Purpose of a Gap Analysis

The main purpose of a gap analysis is for one to see where he is now, or how he is doing, at present. It is like doing an examination, only that it focuses on the difference between the expected target condition vs the current situation. In a security gap analysis, the purpose is to be able to know if there is a difference between A (secured internet connection) and C (whether is is secure or not). You may also see case analysis example.

Now let us use the internet in our attempt to explain security gap analysis.

Preparation. The popular way of doing a security gap analysis is to protect ones system from the current malicious software, that is by defending the ones we already know. As they call it, that is reactive approach. And that is a good thing. The problem with internet systems is that it is evolving. So the defensive mechanism that you are doing now may not be that effective when you release it tomorrow, because by tomorrow, they may be releasing a new one, a new malware, a new virus. You may also see product case analysis examples.

When preparing for a security gap analysis, initially you can start by gathering and researching all information about malware, virus, types of hacks. But also researching what and where the trend is heading. The upper ladder is to attend seminars on computer hacks or better, hire hack experts. That way you are not only reactive, but also being aggressive. You could also inquire all computer related problems that other companies have been facing. You may also see quantitative analysis examples.

Identify. Now this level is a bit difficult. But if you hire an expert, he can help you identify the kind of malware that is troubling your team. But security gap analysis is not just about viruses and hack, et cetera, it is all about the kind of computers you are using. The kind of business you are into. Is your company about banking? Or is it about business processing? If it is about banking, then that might even be riskier than other kinds of security gap analysis. Or are you in an university, an institution? The kind of company will help you identify the kind of your enemies. If you are working in a bank, your enemies could not be a student scholar, or if you are in a university, the one who could be hacking your system probably is not a robber, but someone who has something to do with school. You may also see customer profitability analysis examples

Here, you probably have seen what is going on in your computer systems. There could be a breach in the computer software. There could be an alteration of your system. There has been some changes. It may not be clearer to you. But that is what you will be doing in the evaluation. You may also see job analysis examples

Evaluation. In the evaluation, you will be able to confirm that there is actually a breach in the computer system. There are changes. There is difference in the numbers. In A there is, let us say, 5, but in the current situation, there is only 3. You can tell someone has made some changes. Is this an internal hack, or an external one?

But you also would want to check your side. Do you think it is because of your antiquated programs? Don’t you think it is time for you to upgrade you systems? Do you think all this malware could have been avoided had you upgraded your systems, had you upgraded both your software and hardware? You may also see earned value analysis examples.

Application. One of the things you would do is upgrade. Reset. Back up. Reformat. And when you do, you need to upgrade to a newer hardware and firmware. This is from the fact that software are always upgrading. If you can upgrade, so do the hackers. You may also see functional behavioral analysis examples.

Follow up. So now you have upgraded, updated everything, Or you actually have reformatted, and made new hardware upgrades. But did it do anything at all? Did it make any difference? If is not really working, then it is time you really have to request for a a computer expert. You may also see cash flow analysis examples.

Cyber Security Framework Gap Analysis Example

Security Gap Analysis as Business

Doing security gap analysis these days is like the business of selling virus removal. There is a need for it in the market. A company may do its own security gap analysis. It is like getting rid of your viruses with your own raw skills, as a non computer technician. But some people just have to install virus removal software to do the job. In the same way, one can just hire someone who is an expert in security gap analysis. You may also see business systems analysis examples.

Email Security Gap Analysis Example

The job or the task of doing a security gap analysis is not really that complicated. The main goal is just to improve, from C to A, from the current condition to the ideal one, from having some problematic computer systems to having a clean one. That is just the goal of doing a gap analysis. The important thing is to keep on doing it. Doing it regularly will make your computer systems healthy, instead of always relying from a techie guy, and doing it only once in every 5 years. That way you can just do it on your own. It is in this little things that matter. You may also see event cost analysis examples.