Cyber Risk Audit


Learn the FACTS and get SMART.


Developed to deliver FACTS, empowering business stakeholders to determine RISK and EVIDENCE budget priorities.


Our Cyber Risk Audit provides organisations with a factual view of internal risks and breach susceptibility; helping to focus actions and resource on quantified information rather than the wider industry view or ‘threat-mania’ and the associated hype and scare mongering within the industry.


How The Audit Works..

The FACTS are derived by assessing an organisations IT environment over 4 to 8-weeks, with an agile and non-disruptive process.

What Do You Get?

No paper, just actionable data packaged by business unit within SMART, our interactive analytics tool that forms the reporting framework. 

A Cyber Risk Audit Informs..

Defined and evidenced priorities for policy and security improvement through hygiene, controls, education, governance or technology, for greatest risk reduction.


Is there active data loss – malicious, bad practice or policy violation?

Are outsourcers and service providers showing indicators of bad practice or exploitation thus creating risk?

What risks exist in the estate and what mitigation, controls and investments will reduce those risks?

Are current IT security investments and services effective?

Is the risk register correct, prioritised and informed with evidence that can be measured post remediation activities?

Is there evidence of compromise by external actors or insider activity?

Want to Learn More?