7 Minute Security will guide you through the risk assessment process (based in the NIST Cybersecurity Framework), which at a high level looks like this:

  • 7 Minute Security will provide a secure file share for you to upload information that will help us better prepare for your assessment. These items typically include:

    • Information security policy

    • Acceptable use policy

    • Any other policies around technical controls

    • Company organization chart

  • 7 Minute Security will then schedule a series of interviews with appropriate staff/departments to go through a set of risk assessment questions.

  • At the same time, 7 Minute Security will conduct a vulnerability assessment of your internal/external network. Information on preparing for these assessments can be found here.

  • If an on-site physical assessment is part of your project, 7 Minute Security will schedule those on-site visits with you and gather appropriate information through a set of interview questions.

  • Finally, 7 Minute Security will schedule a meeting to review the results of the assessment and provide recommendations for remediations to work - both in the near future and beyond.

Did this answer your question?