7 Minute Security will guide you through the risk assessment process (based in the NIST Cybersecurity Framework), which at a high level looks like this:
7 Minute Security will provide a secure file share for you to upload information that will help us better prepare for your assessment. These items typically include:
Information security policy
Acceptable use policy
Any other policies around technical controls
Company organization chart
7 Minute Security will then schedule a series of interviews with appropriate staff/departments to go through a set of risk assessment questions.
At the same time, 7 Minute Security will conduct a vulnerability assessment of your internal/external network. Information on preparing for these assessments can be found here.
If an on-site physical assessment is part of your project, 7 Minute Security will schedule those on-site visits with you and gather appropriate information through a set of interview questions.
Finally, 7 Minute Security will schedule a meeting to review the results of the assessment and provide recommendations for remediations to work - both in the near future and beyond.