About Our Assessment Process
Cyber security assessments are an important tool to identify vulnerabilities (within People, Processes & Technology) in any organisation’s defences, validate the effectiveness of security controls and processes and provide the support and advice required to address security risks. At CSA, we offer different types of cyber security assessments which are carried out by a team of experienced and certified cyber professionals.

A maturity and gap analysis assessment identifies the differences between the current, ideal and comparable state of data security within your company. It is a thorough assessment with various stages to gauge the level of cyber security maturity and understand control gaps where it would be best to focus your attention and budget. Following the assessment, our expert CSA team will be able to define a quick win mitigation plan and help your company exercise reasonable governance over your cyber security, as well as devise an efficient next steps plan.

Assessments of cyber risk and controls are performed against recognised frameworks: NIST Cyber Security Framework, CIS Critical Controls, ISO27001 & NCSC CAF (Cyber Assessment Framework) and, if required, our qualified and experienced assessors will discuss with you first before agreeing the right type of cyber assessment that would be most suitable to your requirements.

CSA can deliver all required security Policies and Processes, specifically designed to reflect an organisations current situation and to cover essential areas of operation aligned to either NIST, ISO 27001, CE or any other framework of choice.

CSA’s Qualified ISO27001 Lead Auditors offer expert consultancy services to help companies implement some, or all, documentation and processes required.

Although there are hundreds of configuration settings in each M365 tenancy, Microsoft does not automatically apply all the security settings and, as a result, can leave the tenancy and user accounts vulnerable and open to compromise. Keeping businesses secure and their data protected means using the intelligent built-in Microsoft security features that are often not implemented, or used to their full potential. CSA’s Microsoft 365 Security Assessment is a key service for any organisation wanting to ensure they have implemented the best security practices, whilst using M365 and maintain good cyber hygiene in their M365 tenancy.

CSA will conduct a full assessment of your company’s M365 instance, to ensure you have all the necessary security controls correctly configured. Following the assessment, you will receive a report on our findings, as well as a technical assessment on the specific controls that need to be changed (each control to be changed will be based on the criticality of exposure).