How Can We Help How Does The Cyber Audit Work? We set up a meeting to understand the complexity and size of your organisations system and infrastructure to be audited. We will guide and support the completion of an electronic questionnaire to provide key information. Our team will review the questionnaire and in consultation with multi-disciplinary experts, will identify the areas that should be addressed and prioritised. We provide a detailed formal report with a full assessment and recommendations. The recommendation will highlight simple key steps for your organisation, even with limited internal know-how, to better protect your systems and data from potential business risks and breach implications. We can deliver the results of this audit electronically or as part of a live session. Pricing Pricing will be depend on the size, complexity and shape of the organisation and system to be audited. Infrastructure, hosted vs onsite, the number of sites, software, hardware etc. will also contribute to the final cost estimate. Pricing will start at around £2000 for a basic audit but will depend on complexity of infrastructure and systems. Certain organisations may qualify for a fixed fee audit. What Framework Is Used? We use the key cyber hygiene controls that mitigate the majority of the risk. We will undertake an in depth assessment of your infrastructure and systems, using: 10 cyber risk areas 66 hard hitting controls An assessment of the business cyber risk profile and digital footprint The process is based on a protocol already used in Irwin Mitchell and aims to give small to medium size businesses and start ups a practical means to understand your current situation and give you tools to better protect your business. Who Is At Risk? All businesses are at risk. Criminals are interested in making money from anyone who is willing to pay out. Common perception is that cyberattacks are complex, difficult-to-stop operations. The reality is that most attacks stem from a lack of basic security best practices. E.g. good passwords and identifying phishing attempts. Stolen passwords are by far the most common way enterprise accounts and data get compromised. Even attacks by nation-state actors typically rely on simple tactics like password sprays, which capitalise on employees using weak passwords. Why Choose Irwin Mitchell? We have over 85 years collective experience in cyber security. Our multi-disciplinary team of experts have qualifications covering; CISSP, SSCP, ComTIA Security+ (CSIS), CySA+, Azure AZ-900, computer network security, CISM, ISO27001 Lead Auditor, GDPR , C|CISO, CRISC. We’re trusted experts who already run this for Irwin Mitchell which has highly sensitive data. We use this process at Irwin Mitchell to advise our own supplier risk, and mergers & acquisition decisions. We work with the UK government's regional cyber security resilience teams to engage and educate e.g. Greater Manchester Police. Our audit is accessible and cost-effective. It’s designed to give small and medium businesses direction and peace of mind. The process is simple and the measures are easy to implement. We’re supported by a team of lawyers who can advise on GDPR and related regulations and requirements.
