Information Security Baseline Review

Dopkins & Company IT experts utilize a unique process to assess risk and provide a roadmap to address information security risks.

Contact: William M. Prohn CISSP, CISA, CGEIT, CRISC at

“…the very beginning…….a very good place to start” – Oscar Hammerstein II

Integrating technology into your business is critical to obtaining meaningful and timely information. We leverage the latest technology to do just that.

To download the Dopkins Information Security Baseline Review brochure, please click here.

You know there are risks to you and your business from viruses, hackers, data breaches, cyber crime, discontented or uninformed employees or outdated computer hardware. The list goes on, the threats are dizzying. How are you affected? What will work for your business? What specifically should you do?

Dopkins & Company has combined a unique learning and planning process with ISO 27002-2013, an internationally recognized standard for IT Security controls, to deliver a roadmap and starting point for you to address information security risks.

The STARTEGY Process


Dopkins & Company’s process design, called STARTEGY is a unique combination of your knowledge of your business, and our knowledge of information security controls and how they work together.  It’s a dialog between Dopkins & Company’s security consultants and your company’s senior executives, focusing on the minimum set of controls you need to have to operate effectively in the 21st Century’s on-line  “cyber world.” We explain the controls, how they’re used and the risks they’re designed to manage, and you provide the context for your business. Together we identify what controls are relevant to your business, and whether they are in place.

Learn more about STARTegy here.

Download a Sample Report

Fill out the form below to get a sense of what STARTegy reveals. This is a non-technical focus on securing your information through policy, training and technical controls.

  • This field is for validation purposes and should be left unchanged.

The Deliverable

The resulting scorecard shows you where your weaknesses may lie and where to begin to address the problem. We provide recommendations, based on our knowledge of information security and our experiences with other businesses in a wide range of industries, on how to address major threats and implement critical controls.

This is a non-technical focus on securing your information through policy, training and technical controls.

Above: Sample Baseline Security Review documentation.

Seven Reasons to Consider the Dopkins Baseline Security Review
  1. Comprehensive. Because it’s based on a recognized international standard, your Baseline Security Review addresses ALL aspects of your company’s Information Security.
  2. Educational. Your Baseline Security Review is a dialog between your leadership and our experts. The result is that you learn HOW and WHY specific security issues and controls affect your organization.
  3. Governance. Your Baseline Security Review can be the beginnings of a framework for board governance of IT and information security oversight, both growing concerns of corporate governance.
  4. Tailored. During your Baseline Security Review, the focus is turned on which aspects of information security are most relevant to your organization, and which are not. This narrows the focus of your information security concerns going forward.
  5. Immediate. Upon delivery of your Baseline Security Review Scorecard, you will have the tools to begin adding controls and improving information security in your organization.
  6. Guaranteed. If after delivery of your Baseline Security Review, you feel that you have not made significant strides towards improving your organization’s information security, you don’t pay!
  7. Benchmark. Our report contains easy-to-understand illustrations that provide a basis for benchmarking results at both an organization and department level.

Who Can Benefit from a Baseline Security Review?

  • Corporate Executive Management
  • Department Heads and Line Managers
  • IT Managers
  • Board Members

Additional Resources

Although it doesn’t appear directly on a balance sheet, information is an asset that, like other business assets, is essential to an organization’s success. Find out more about information security by clicking on the button below.

Click to View Sample Recommendations

For more information, contact William M. Prohn CISSP, CISA, CGEIT, CRISC at


Whether you are evaluating career opportunities as an accountant, business consultant or IT professional, you'll want to know what differentiates Dopkins & Company from all the competition. Learn more today.

Learn More