Information Security Risk Assessments

Reduce Risk with AVeS Cyber Security's IT Security Services

Cost: R 15 000

What's included:
  • In-person assessment interviews
  • Travel within Gauteng
  • Post-assessment report

High-Level Information Security Risk Assessment

What it’s about

The High-Level 1-Day IT Security Risk Assessment covers 14 areas of the business, from security to infrastructure, to assess the level of risk posed to the business. The assessment is based on the ISO 27001 (Information Security) standard and is aligned with the Protection of Personal Information Act No. 4 of 2013 (also known as POPIA). It provides a good indication of the level of alignment between the company’s strategic and operational levels.

The process

One of our divisional managers has a 4-hour meeting with the company’s CIO (or someone from management who knows the company’s policies and governance in general) to go through the 20 sections of the assessment, with 3-5 questions per section, and compiles feedback on the rating scored within each section.

The ratings are based on the CIO’s knowledge, known practices and the assumption that the respective controls are aligned to existing policies.

What to expect

After we have scheduled and conducted the interview with your CIO or another managerial representative, we provide you with a written assessment report within 2 working days of the assessment. The report shows your company’s rating scored against each security control. We also include general feedback on the report’s findings and discuss it with you so that you can decide on an appropriate way forward.

The information security assessment report includes:

  • A compliance checklist,
  • Compliance results per ISO 27001:2013 section,
  • Compliance results per control in the ISO 27001:2013 standard, and
  • A consolidated results dashboard.

Cost: Based on Scope

What's included:
  • In-person assessment interviews
  • Travel within Gauteng
  • Post-assessment report

In-Depth Information Security Risk Assessment

What it’s about

The In-Depth IT Security Risk Assessment also covers 14 areas of the business, from security to infrastructure, to assess the level of risk posed to the business. The assessment is based on the ISO 27001 (Information Security) standard and aligns with the Protection of Personal Information Act No. 4 of 2013 (also known as POPIA). It provides a good indication of the level of alignment between the company’s strategic and operational levels.

The process

One of our divisional managers has a series of onsite meetings with various stakeholders in the company, such as the CIO (or someone from management who knows the company’s policies and governance in general), to go through the 20 sections of the assessment, with 3-5 questions per section, and compiles feedback on the rating scored within each section. During these meetings, we also score the quality of the organisation's policies against the ISO 27001:2013 standard's controls.

The ratings are based on the organisation's knowledge, known practices and alignment of the respective controls to existing company policies.

What to expect

After we have scheduled and conducted the interview with your CIO or another managerial representative, we provide you with a written assessment report within 5 working days of the assessment. The report shows your company’s rating scored against each security control. We also include general feedback on the report’s findings and discuss it with you so that you can decide on an appropriate way forward.

The information security assessment report includes:

  • A compliance checklist,
  • Compliance results per ISO 27001:2013 section,
  • Compliance results per control in the ISO 27001:2013 standard, and
  • A consolidated results dashboard.

Risk Assessment Frameworks

Governance Framework
Information Security Management System

Sample Risk Assessment Report Results

Sample Risk Assessment Report Scores (graphs)
Sample Risk Assessment Report Scores (Table)
