Cyber Security Audit · UK organisations 50–5,000 staff
One clear picture of your cyber risk – and what to fix first.
A Cyber Security Audit that turns scattered tools, reports and opinions into a single, board-ready view of risk plus a Fix-First Plan. Simple, fast, no nerd-speak.
- Full internal & external view – one joined-up picture of where you're strong, weak and exposed.
- Plain-English Fix-First Plan your team (or ours) can actually run.
- Evidence pack you can reuse for boards, insurers and customers without rewriting everything.
Quick call to confirm fit, answer questions and pencil in your Review.
If you already know you want ongoing leadership, we usually start here then roll into vCISO so nothing is duplicated.
Real person, clear answers
You're not dumped into a portal. You get a named lead who can explain risk in business terms – and stay with you if you move into vCISO.
Plain-English risk review
Not another audit. A decision tool.
The Cyber Security Audit is a structured look at how you actually manage cyber risk today – across people, process, technology and suppliers. We map what's in place, what's missing and where the high-impact gaps sit.
Instead of a long technical audit, you get a concise story: how exposed you are, where that exposure comes from, and what to do first. It's built so CFOs, COOs and IT leaders can all read it and agree on a plan.
You can then implement the plan with your own team, your MSP or with us – including moving into an ongoing vCISO engagement if that's the right next step.
- A one-page posture summary that explains risk in business language.
- A prioritised Fix-First Plan for the next 90 days and a simple 12-month view.
- Evidence pack you can repurpose for insurers, tenders and stakeholder updates.
- A clear recommendation on whether vCISO or lighter-touch support makes sense.
Outcomes, not paperwork
What the Review changes for you.
Everything is geared around three questions: How exposed are we? What should we do first? Who's responsible?
One story everyone can repeat
Board, IT, finance and ops see the same picture – not five conflicting tool dashboards and a 200-page audit.
A Fix-First Plan you can actually run
We translate findings into a realistic sequence of actions, mapped to owners and effort – not a laundry list nobody will ever finish.
A clear recommendation on "what now"
Whether that's vCISO, targeted projects, or lighter advisory, we'll tell you what actually fits your risk, budget and appetite.
Three simple steps from "no clear picture" to "here's the plan".
Kickoff
60-minute call to understand your business, pressures and existing controls. We agree scope, data needed and who needs to be involved.
Review
We do the digging: internal and external checks, supplier and control review, posture scoring and draft Fix-First Plan. You're not doing the legwork.
Readout
45-minute readout with decision-makers: posture summary, Fix-First Plan and options for how to run it (with or without us).
Typical delivery time is agreed during kickoff based on scope and access.
Too many tools. No clear plan.
Most mid-market organisations already have firewalls, policies and a stack of tools. But the same questions keep coming.
• Vendors talk in dashboards and acronyms.
• Insurers, clients and regulators want proof you're in control.
• Nobody has time for a 200-page report.
• Budget is spent, but it's unclear what's actually reduced risk.
The Cyber Security Audit gives you one simple picture of risk and a Fix-First Plan everyone can get behind.
Real team, real oversight
Your security isn't left to tools alone — you get people who join the dots and turn noise into a clear plan.
Fit check
Is this the right fit for you?
A quick sense check so you know if a Cyber Security Audit is likely to be useful, before either of us invests time.
This is for you if…
- You're a UK organisation with roughly 50–5,000 staff.
- You have tools or Cyber Essentials but no clear, joined-up plan.
- You face insurance, tender or board scrutiny on cyber and need a straight story.
- You want a clear view of risk, not a tool pitch.
- You're willing to act if the case is clear and practical.
This is not for you if…
- You only want the absolute cheapest certificate.
- You're not open to changing how you manage risk.
- You want a DIY checklist you know you'll never implement.
- You only want a one-off pen test with no wider context or plan.
If you're somewhere in the middle, that's fine — a short call will usually make it obvious whether a Review is the right move or not.
Full internal & external view – not just one tool.
We look across identity, infrastructure, people and process so you see the whole risk picture.
What we review (no remediation in this phase)
Identity • Endpoints & Servers • Email & Web • Perimeter • Vulnerabilities & Patching • Backups & Recovery • Logging/SIEM • Cloud & SaaS • Suppliers • People & Process.
Investment
£7,500 + VAT
Fixed-fee Cyber Security Audit of your full internal & external posture.
100% CREDIT TO vCISO
Start our vCISO within 30 days and the full £7,500 fee is credited against it. The Review becomes Step 1, not another bill.
Price & terms
- • Fixed fee: £7,500 + VAT (priced on outcome, not hours).
- • Same total, flexible timing: 50% now / 50% at readout, or 3 × £2,500 weekly.
- • Full credit: 100% of this fee applies to our vCISO if you start within 30 days.
Risk removed
- • Clear scope, deliverables and assumptions agreed up front – no surprises on what you're getting.
- • Readout focused on an actionable plan, not a technical data dump your team can't use.
Availability
• Limited Review slots per month. Priority start available when timelines are tight.
We'll confirm timing on your Risk Preview call and pencil in your kickoff and readout.
Ready to actually manage cyber risk?
The Cyber Security Audit is the fastest, lowest-risk way to see where you stand, what's risky and what to do first – with the fee fully credited to vCISO if you move ahead.
On the call we'll confirm fit, answer questions, agree terms and schedule your kickoff. No pressure, no scare tactics.