Information Security Risk Assessments

Start every cyber security journey with a risk assessment. However you choose to protect your organisation against data loss, fraud or cyber theft, find out what you should protect, first.


The Information Security Risk Assessment covers 14-areas of the business, from security to infrastructure, to assess the level of risk posed to the business. The assessment is based on the ISO 27001 (Information Security) standard and aligns with South Africa’s Protection of Personal Information Act (POPI). The assessment provides a good indication of how aligned are the organisation’s strategic enterprise goals and its IT operations.

The process

One of our CIO Advisors has a series of onsite meetings with various stakeholders in the organisation, such as the CIO or representatives from management who know the company’s policies and governance in general. (S)he asks the stakeholders a series of questions on each section in the ISO 27001 standard and compiles feedback on the rating scored within each section. During these meetings, we also score the quality of the organisation’s policies against the ISO 27001 standard’s controls. The ratings are based on the organisation’s knowledge, known practices and alignment of the respective controls to existing company policies.

What to expect

After we have scheduled and conducted the interview with your CIO or other managerial representatives, we provide you with a findings and recommendations report within 5-working days of the assessment. The report shows your organisation’s rating scored against each security control. We also include general feedback on the report’s findings and discuss it with you so that you can decide on an appropriate way forward.

The information security assessment report includes:

  • A compliance checklist;
  • Compliance results per ISO 27001 section;
  • Compliance results per control in the ISO 27001 standard;
  • A consolidated results dashboard.

The AVeS Team has been instrumental in the review and update of our ICT policies and procedures. Their combination of skills and experience makes the partnership with AVeS Cyber Security a good one for the IT department at Palabora

Wendy M.

IS&T Manager, Palabora Mining Company

About the A-Team

AVeS Cyber Security forms part of the AVeS Cyber International group of companies. It is a specialist in industry-specific IT Governance & Architectural services, combining expert knowledge and services with leading technology products to provide comprehensive Information Security and Advanced IT Infrastructure solutions. Over the past 24-years, AVeS Cyber Security has strategically honed its solutions and services to help businesses future-proof their IT environments against the continually evolving threat landscape while achieving their digital transformation aspirations. The company offers a leading portfolio of professional services, products, and training in security, infrastructure, and governance solutions. Every year, the company continues to win numerous awards from some of the world’s top technology vendors, indicating competency, strength, innovation, and robustness in an industry that is fast growing in complexity due to evolving challenges, such as ransomware, advanced targeted attacks and the Internet of Things. The more recent awards include Kaspersky’s Africa Partner of the Year 2019, 2020 and 2021, Kaspersky’s Top META Learning Partner 2020, Sophos’ Upcoming Partner of the Year 2020, and ESET’s Best in the Biz Award 2021. AVeS Cyber Security also received prominent partner statuses across its portfolio, such as Microsoft Gold Datacentre Partner, DellEMC Gold Partner, Veeam Silver Partner and Sophos Platinum Partner.

Be bold.

Take a step towards knowing your cyber risks.

Please add your work email address and check that it is correct before submitting the form.

Terms and Conditions

  1. Travel and accommodation to customers outside Gauteng will be charged separately.

Pin It on Pinterest