Symantec Thursday plans to announce it is offering IT risk-assessment consulting services aimed at giving corporate management a comprehensive report on security gaps and remediation cost analysis.

The Foundation IT Risk Assessment service entails Symantec consultants working on site at a company to conduct workshops and interviews with its employees to get a view of the organization’s business and technology situation and future direction.

According to Darren Thomson, senior director of IT risk management at Symantec, the goal is to undertake baseline risk-management analysis based on standards that include Information Technology Infrastructure Library and BS17799 to categorize the organization’s risk level.

“The deliverable is an executive report and a presentation designed to be delivered by the sponsor to the board,” says Thomson. “The executive sponsor is typically the chief information security officer.”

Symantec says it will leverage what it calls the Inform tool to gather specific data shared by the organization in order to generate a gap analysis and recommendation reports.

Thomson says Symantec has about 30 consultants on staff to provide Foundation IT Risk Assessment and expects to have 40 by the end of the summer. The cost for the service is expected to be approximately $50,000.