Profile: Margaret Rouse
|It’s important to note that the gap analysis is not a one time activity. Each organization should execute a gap analysis of its cybersecurity approximately once per year and draw upon the results to adjust cybersecurity activities to meet new regulatory or compliance requirements or simply growth of the organization and its supporting information technology infrastructure.
From the book Cyberwar, Cyberterror, Cybercrime by Julie Mehan
Today’s Word of the Day is gap analysis. I think Dr. Mehan is the only expert I’ve read who says “do a gap analysis once a year.” I love it.