The SecuQUEST Assessment proceeds in form of a guided self-assessment. The assessment team consists for example of executive managers, engineers or cleaning staff members and valuates the company concerning security relevant topics. A coach accompanies and supports the assessment team during the whole assessment process.
Briefing of the supervisor
Duration: 1 - 1,5 hours, approximately 1 to 2 weeks before assessment
Participants: supervisor or team leader, coach
Content: Supervisor and coach together define expectancies, they have for the assessment and fix the goals which should be achieved. Thereby the coach gives an overview of the agenda of the assessment and respectively of the whole process.
Presentation of the team
Duration: 1 - 1,5 hours, approximately 1 week before assessment
Participants: assessment team, team leader, coach
Content: The members of the assessment team are informed by the coach about the agenda of the assessment. Together with the team leader expectancies and goals are presented to the team. In the course of this conversation the motivation of each team member is evaluated.
Duration: 6 - 7 hours
Participants: Assessment team, team leader, coach
Content: The SecuQUEST focus questions are sequentially answered by the team members. The coach provides help and clarifies open questions. Above that he guides the discussion and records all the information that cannot be gathered completely in the questionnaire.
Feedback and action planning
Duration: 2,5 - 3 hours, approximately 2 weeks after the assessment
Participants: team leader, assessment team, coach
Content: The assessment team receives a feedback from the coach about the results, developed in the assessment. At the same time possible suggestions for concrete measures are presented. How these measures are implemented and which further approach is chosen depends naturally on the assessment team.
Implementing of the measures
Duration: depending on the result
Participants: team leader, assessment team
Content: The developed measures and suggestions are implemented and the newly created and respectively changed business processes are integrated in the company.
The improvement process starts, depending on the demand 6-12 months later, with a reassessment in which the implemented measures are evaluated and at the same time new security holes are identified.