Our industrial cyber assessments lay the foundations for managing security risks efficiently and effectively. We publish an initial briefing document which details the assessment scope, agenda, timelines and deliverables. We also supply a questionnaire and carry out an information gathering exercise so that when we arrive on site for the actual assessment, we already have a thorough understanding of your people, processes and technology. Whist on site, the assessment will involve time speaking to your team to understand your governance in respect to managing risk. We will then take a deep dive with supervised access to your infrastructure and systems. Once the site visits are concluded, we prepare and publish a detailed output report.
Elements included in the health check:
- Policies & Procedures including any standards or frameworks you follow
- Network Access including routing, switching and firewalls
- Endpoint Protection including antivirus and associated technologies
DETAILED OUTPUT REPORT
- Executive management summary
- Feedback on the effectiveness of current environment – what’s working well, what has not worked, what could be done better, what you’re currently not doing and should be etc.
- Set of detailed recommendations for improvements if & where required with associated priority and fix ratings
It is important to conduct the IACS Health Check at the start of our engagement so that we can understand your people, processes and technology in detail. This helps us to develop a roadmap with clear milestones for any additional stages you may need in order to secure your environment as fully as possible.