FISASCORE® Is The Definitive Information Technology Assessment Score

At 20/20 Secure, we believe that every organization is faced with two major challenges when developing and executing a successful information security program.  The first challenge is that we all see information security in a different way.  The second is to prioritize the greatest risks to organizations and agree on the most efficient and impactful methods to address these risks.  Our goal is help all organizations to meet these challenges and leverage their capital, both human and financial, to build and maintain a strong information security program. We developed the FISASCORE to assist organizations with these challenges and provides a common vision of information security risk and maturity.  Through the FISA Assessment process, an organization can determine the level of maturity across administrative, physical and technical controls used to protect the confidentiality, integrity and availability of information.

“The definition of Informational Security is administrative, physical, and technical controls, to help protect the confidentiality, integrity and availability of you data…”

Bryan McGowan, 20/20 Secure VP of Operations

Comprehensive, Authoritative, and Objective Score

FISASCORE is a comprehensive, risk-based measurement of Information Security assigned to your company based on the FISA™ assessment process. A FISASCORE identifies critical vulnerabilities, control gaps/deficiencies, and applicable threats to the security of your organization.

Evaluation Criteria Is Focused on Regulatory and Industry Standards

Drawing from standards such as NIST 800-53 and ISO 27000 together with regulatory requirements from HIPAA (Healthcare), GLBA (financial services) and PCI (retail credit card sales), our evaluation criteria are chosen to identify risk to information security. Using a common language and a standard set of objectives for a comprehensive risk-based security program we can communicate information risk and protection between organizations with varying size, business purpose and internal culture.

FISASCORE ensures a well-rounded assessment

A successful Information Security program is more than just software and hardware. A FISASCORE evaluates Information Security risks across all facets of Information Security; Administrative, Physical and Technical controls. Covering all facets of Information Security allows the FISASCORE to represent the most comprehensive evaluation of information security risks that all people can easily relate to; regardless of your Information Security experience level.

Reporting for Executives, Managers and Technical Teams

The FISASCORE allows all members of the organization to quickly and confidently understand and quantify information security risks. Each FISASCORE and FISA™ assessment includes a measured scorecard, clear recommendations for senior leaders, and an Action Plan. The Action Plan guides the decision-making after the assessment and creation of workplans for ongoing improvement. Technical teams are provided with detailed reporting related to specific security controls, evaluation methods, tangible recommendations, and all the supporting information to enable significant risk reduction. Every FISASCORE includes comparisons to industry averages and recommendations to achieve a “best practice” or “acceptable” level of risk.


You can request more information and we will contact you to continue the  conversation about partnering with 20/20 Secure.