Network Security Evaluation Using the NSA IEM

In this chapter we delve into one of the most crucial preparation aspects of doing any evaluation: assessing customer expectations, the tangible and intangible factors that will affect the outcome of the evaluation. If you fail to adequately address your customer's expectations, you can expect to waste your time and the customer's money. A good example is showing up for a technical evaluation and finding out at the in-briefing that the customer is expecting a full risk assessment. Your team will be unprepared and probably missing some skill sets needed to accomplish the customer goals. From that point on, everything that can go wrong will, and you will fail to achieve the prime goal of any provider of services to any customer: customer satisfaction. Setting expectations is more than just asking what the customer is concerned with or what they want. You and your customer need to come to an understanding of what is going to be done and what is not going to be done.
This is the reason for this chapter. The focus of this book is the accomplishment of the technical evaluation of a customer's computing environment, but it is essential that you understand how this fits together with an overall security posture review.
As already covered in the previous chapters, you need...