Skip to Main Content
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
Cyber Health Check

Cyber Health Check

SKU: 4407
Format: Cyber Health Check
Published: 30 Jan 2016
Availability: Always available

Easily identify your cyber risks with our G-Cloud-approved cyber health check. (Service ID: 6954 2611 8858 292.)

Assess your cyber risk exposure and identify a practical route to minimise your risks:

  • Get a clear overview of the risks posed to your organisation.
  • Learn how to transform your cyber security and protect your organisation from cyber criminals and other threats.
  • Receive support from cyber security experts.
  • This bespoke service can be tailored to your specific needs and budget.
For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.Enquire about this service

Identify your cyber risks

If you are embarking on a cyber security improvement programme, a cyber health check will help you identify your weakest security areas and recommend appropriate measures to mitigate your risks.

This health check will provide you with a concise and detailed report describing your current cyber risk status and critical exposures, and will draw on best practice, such as ISO 27001, ISO 22301, 10 Steps to Cyber Security, CIS Critical Controls and NCSC (National Cyber Security Centre) guidance to provide recommendations for reducing your cyber and compliance risk. Your consultant will aim to achieve the following:

  • Identify cyber risks relating to people, processes and technologies.
  • Identify technical vulnerabilities affecting your IT infrastructure.
  • Assess risks posed by employees through anonymous staff questionnaires.
  • Provide remediation advice for identified vulnerabilities and key risks.

Download the full service description

Scope of work

Our qualified, experienced consultants will work with you to determine how well cyber security is governed at board level. They will examine and report on the areas listed below, identifying any gaps and recommending specific steps to mitigate them.

Governance and information security management audit

  • Cyber risk governance
  • Critical cyber assets
  • Asset register
  • Risk register
  • Legal, regulatory and contractual requirements
  • Policies and the ISMS (information security management system)
  • Roles and responsibilities
  • Business continuity and incident management
  • Staff training and awareness
  • Physical security review

Technical cyber security controls

  • Network and perimeter security, including remote working
  • Secure configuration
  • Access control and privilege access
  • Anti-malware
  • Security monitoring
  • Mobile devices, mobile working and removable media
  • Cloud security

Vulnerability scans

  • External scan of up to 15 IP addresses
  • One website/URL

Anonymous staff questionnaire

We will send an online questionnaire to a broad range of your staff to determine cyber security awareness levels, covering:

  • Policies and procedures
  • Social media use
  • Phishing awareness
  • Password management
  • Malware
  • Portable device use
  • Handling personal information and privacy requirements
  • Incident response

Download the full service description

What to expect

We will provide you with a concise and detailed report describing your current cyber risk status and critical exposures, and will draw on industry best practice.

The report outlines the scope, findings and next steps to improve your cyber security posture. It also outlines action plans, vulnerability scan findings and recommendations, staff survey results and methodology.

 Download Cyber Health Check Sample Report

Cyber Health Check brochure: uncover your cyber security weak spots before attackers do 

IT Governance can help you identify your weakest security areas and take appropriate action, by following practical recommendations.

Learn how a cyber health check can give your organisation a high-level overview of your cyber risks and the areas that require attention. 

Download now


Benefit from proven cyber security experience and expertise

Our services are delivered by a team of experienced and highly qualified consultants who have a deep understanding of the range of cyber risks facing organisations today. Your assigned consultant will help you identify and understand how to transform your cyber security stance, allowing you to implement the best possible solutions for your budget and business requirements.



The standard service package applies to single-entity organisations with up to 500 staff and with all key personnel (senior management, HR managers, compliance, IT, sales, marketing and procurement) based at a single site. The service can be delivered to organisations in any sector or industry.

This service is typically provided remotely but can be conducted on-site where necessary. Additional costs may apply to site visits.

For larger organisations, please contact us for a custom quote.

Enquire about this service to receive expert advice from a cyber security specialist to get you started with your risk mitigation plan immediately.

Why choose IT Governance?

Why choose IT Governance?

IT Governance has more than 20 years’ experience helping organisations get their cyber security right, working with boards and senior managers to identify and manage cyber risks in line with the organisation’s risk appetite and commercial business drivers.

  • Our specialist team has extensive data protection and information security management project expertise, both in the UK and overseas.
  • Our transparent proposals are fixed price, so you won’t get any surprises.
  • You will have access to a dedicated relationship manager throughout the project.

IT Governance is also recognised under the following frameworks:

  • CREST certified as ethical security testers.
  • Certified under Cyber Essentials Plus, the UK government-backed cyber security certification scheme.
  • Certified to ISO 27001:2013, the world’s most recognised information security standard.

Customer Reviews

(4.00)stars out of 5
Number of reviews: 1
1. on 27/01/2022, said:
4 stars out of 5
The CHC was conducted as an independent review of our current posture in terms of Governance Risk and Compliance (GRC) to help identify if there were any gaps prior to the development of an ISO 27001 aligned framework. The CHC also provided our risk committee and top management with assurance that appropriate technical and organisational controls are in place to protect the confidentiality, integrity and availability of our data and systems. The service met with our expectations and the report generated highlighted points that will be considered by our Risk Committee. The service and report helped us prioritise focus areas of improvements to our existing ISMS. This is certainly a service we would recommend from IT Governance.
Showing comments 1-1 of 1
This website uses cookies. View our cookie policy
SAVE 10%