IT Security Risk Assessment
Cost: R 15 000
- In-person assessment interviews
- Travel within Gauteng
- Post-assessment report
What it’s about
The High-Level 1-Day IT Security Risk Assessment covers 20 areas of the business, from security to infrastructure, to assess the level of risk posed to the business. The assessment is based on the 20 Critical Security Controls*, which are in line with the ISO 27001 (Information Security) Standard and the Protection of Personal Information Act No. 4 of 2013 (also known as POPIA). It provides a good indication of the level of alignment between the company’s strategic and operational levels.
One of our divisional managers holds a 4-hour meeting with the company’s CIO (or someone from management who knows the company’s policies and governance in general) to go through the 20 sections of the assessment, with 3-5 questions per section, and compiles feedback on the rating scored within each section.
The ratings are based on the CIO’s knowledge, known practices and the assumption that the respective controls are aligned to existing policies.
What to expect
After we have scheduled and conducted the interview with your CIO or another managerial representative, we provide you with a written assessment report within 14 working days of the assessment. The report shows your company’s rating scored against each security control. We also include general feedback on the report’s findings and discuss it with you so that you can decide on an appropriate way forward.
* These 20 Critical Security Controls are documented in the frequently updated “CIS Critical Security Controls for Effective Cyber Defense” report, produced by the Center for Internet Security. The Controls are compiled by a collective of international individuals and institutions to establish best practices in cyber security. To view the latest report, visit the CIS website.
Request an IT Security Risk Assessment