Cyber Health Check


SKU: 4407
Format: Cyber Health Check
Published: 30 Jan 2016
Availability: Always available

Our four-phase cyber health check helps you:

  • Assess your cyber risk exposure and identify a practical route to minimize your risks
  • Get a clear overview of the risks posed to your organization
  • Learn how to transform your cybersecurity and protect your organization from cyber criminals and other threats
  • Receive support from cybersecurity experts

For more information about this service, or to get a tailored quote for your organization, please inquire below and one of our experts will be in touch shortly.


Identify your cyber risks

If you are embarking on a cybersecurity improvement program, a cyber health check will help you identify your weakest security areas and recommend appropriate measures to mitigate your risks.

This health check will provide you with a concise and detailed report describing your current cyber risk status and critical exposures, and will draw on best practice, such as ISO 27001, the CIS Critical Security Controls, and ISO 22301.

Your consultant will aim to achieve the following:

  • Identify cyber risks relating to people, processes, and technologies
  • Identify technical vulnerabilities affecting your IT infrastructure
  • Assess risks posed by employees through anonymous staff questionnaires
  • Provide remediation advice for identified vulnerabilities and key risks


Scope of work

Our qualified, experienced consultants will work with you to determine how well cybersecurity is governed at board level. They will examine and report on the areas listed below, identifying any gaps and recommending specific steps to mitigate them.

Governance and information security management audit

  • Cyber risk governance
  • Critical cyber assets
  • Asset register
  • Risk register
  • Legal, regulatory, and contractual requirements
  • Policies and the ISMS (information security management system)
  • Roles and responsibilities
  • Business continuity and incident management
  • Staff training and awareness
  • Physical security review

Technical cybersecurity controls

  • Network and perimeter security, including remote working
  • Secure configuration
  • Access control and privilege access
  • Anti-malware
  • Security monitoring
  • Mobile devices, mobile working, and removable media
  • Cloud security

Vulnerability scans

  • External scan of up to 15 IP addresses
  • One website / URL

Anonymous staff questionnaire

We will send an online questionnaire to a broad range of your staff to determine cybersecurity awareness levels, covering:

  • Policies and procedures
  • Social media use
  • Phishing awareness
  • Password management
  • Malware
  • Portable device use
  • Handling personal information and privacy requirements
  • Incident response


What to expect

We will provide you with a concise and detailed report describing your current cyber risk status and critical exposures.

The report outlines the scope, findings, and next steps to improve your cybersecurity posture. It outlines action plans, vulnerability scan findings, remediation recommendations, staff survey results, and methodology. The report also provides a prioritized action plan setting out how to mitigate the risks identified.


Benefit from proven cyber security experience and expertise

Our services are delivered by a team of experienced and highly qualified consultants who have a deep understanding of the range of cyber risks facing organizations today. Your assigned consultant will help you identify and understand how to transform your cyber security stance, allowing you to implement the best possible solutions for your budget and business requirements.



  • This standard service package applies to single-entity organizations with up to 500 staff and with all key personnel (senior management, HR managers, compliance, IT, sales, marketing, and procurement) based at a single site. The service can be delivered to organizations in any sector or industry.
  • This service is provided remotely.

For larger organizations, please contact us for a custom quote.

Inquire about this service to receive expert advice from a cybersecurity specialist so you can get started with your risk mitigation plan immediately.

Why choose IT Governance?


IT Governance has more than 15 years’ experience helping organizations get their cybersecurity right, working with boards and senior managers to identify and manage cyber risks in line with the organization’s risk appetite and commercial business drivers.

  • Our specialist team has extensive data protection and information security management project expertise, both in the UK and overseas
  • Our transparent proposals are fixed price, so you won’t get any surprises
  • You will have access to a dedicated relationship manager throughout the project

IT Governance is also recognized under the following frameworks:

  • CREST certified as ethical security testers
  • Certified to ISO/IEC 27001:2013, the world’s most recognized cybersecurity standard
