Our Security Risk and Capability Maturity Assessment is based on Cyber Security frameworks that align to both national (GCHQ/NCSC – Cyber Essentials, 10 Steps to Cyber Security) and international standards (NIST 800/CIS20/ISO27001) as well as regulations and government guidelines.
The CIS Controls map to most major compliance frameworks such as the NIST Cybersecurity Framework. Our process involves reviewing your systems and processes and consulting with key stakeholders within your business.
In doing so, we:
- Review your policies and technologies
- Determine your Security Maturity Level (SML)
- Identify gaps
- Develop an IT Security Roadmap & Budget
- Develop an understanding of your organisation and its security requirements
- Identify policy and technology gaps based on the top 20 security controls
- Develop a roadmap to your sector’s required security capability level
- Executive summary – On-site presentation meeting with your leadership team to review the findings, recommendations and roadmap, and to respond to questions.
- Security Maturity Level Report – Based on the findings, your organisation is given a score between 0 and 5, aligned to recognised standards and best practice.
- IT Security Roadmap & Budget – A roadmap is presented that sets out a phased remediation pathway and budget to achieve the target security maturity level.