Security Assessments is a health check for an organization and should be conducted on an annual basis. There are two types of assessments: self-assessments and third-party assessments. It is recommended that an organizations conducts both types of assessments and findings from the assessments should be reviewed with executives, prioritized and implemented.
Assess your organization against a standard. Build/document and execute action items from the assessment.