Skip links

713 266 8785Call Monday thru Friday, 9am - 4pm

A cybersecurity risk assessment provides management with an understanding of the organization’s risk profile relative to the existing cybersecurity threat environment and provides technical teams with the detailed recommendations required to strengthen the environment and to mitigate risk.

Aporia Solutions will conduct a  cybersecurity risk assessment that reflects your organization’s IT infrastructure and risk profile.  Based upon the NIST cybersecurity framework, COBIT 5, ISO 27001, ISA 62443, and security industry best practices, the key objective is to identify, understand and mitigate potential vulnerabilities that can compromise the confidentiality, integrity, or availability of systems and data.


A typical cybersecurity risk assessment involves:

  • Reconnaissance & public information review (optional)
  • External network vulnerability assessment / penetration testing
  • Web application security assessments (unauthenticated)
  • Internal network vulnerability testing
  • Internal network patch audit
  • Threat-oriented evaluation of IT security layers
  • Social Engineering
  • Review of incident recovery plans & procedures
  • NIST Cybersecurity Framework alignment (optional)

Advanced focused testing may be added based on the organization’s inherent risk profile, IT complexity, risk tolerance, or specific threat environment.

Examples of advanced testing include:

  • Data exfiltration monitoring and capabilities
  • Shadow IT / unauthorized services
  • Advanced social engineering
  • Advanced wireless vulnerability assessments
  • Authenticated Web application assessments
  • Internet-of-things or SCADA devices
  • Mobile applications testing

Remember you can add or remove items from your bid request at any time.