The Security Risk Assessment (SRA) is the first step every organization should take to understand its current security posture. GoldSky engineers use a threat-based framework to conduct a 360-degree assessment of your organization’s cybersecurity in five areas:

  • People. People are the foundation of any risk assessment and the foundation of your business. GoldSky analyzes the risks that all your stakeholders pose to your cybersecurity posture, from hiring to daily operations to termination.
  • Processes. Your employees, partners, and customers have certain roles and responsibilities in your organization. In many cases, the processes in place in your organization don’t support proper cybersecurity.
  • Facilities. Securing the physical access to your data is critical. From securing on-site servers to laptops, GoldSky analyzes the best and most cost-effective methods for better securing your data from physical attacks.
  • Technologies. The technologies we use put us at risk every day. GoldSky engineers inspect the hardware, software, and computers in your environment for vulnerabilities and unnecessary risks.
  • Compliance. Do you see patients? Accept credit cards? Hold sensitive data? The chances are that you’re subject to at least one legal or regulatory compliance mandate. GoldSky will discover those requirements to keep you in compliance and potentially avoid costly fines.

At the end of the engagement, you will receive a report detailing all the activities performed, your risk analysis, and a security roadmap. Assessment reports and security roadmaps are designed to be:

  • Risk Ranked to help you understand your highest areas of risk
  • Actionable to help you get on track FAST
  • Prioritized to help you focus your efforts


GoldSky uses a simple, unique approach to guide our clients through the IT compliance programs we support. For most organizations, the first challenge is understanding the requirements. We teach our clients the standards and assist them in the controls implementation process.
Security assessments provide a view into the information security and compliance of an organization’s data. When tied to a compliance metric, such as PCI or HIPAA, security assessments often become expensive, resource-intensive, and difficult to analyze. The GoldSky Cybersecurity Scorecard was designed to address this problem.


The GoldSky Cybersecurity Scorecard is a high-level IT security risk assessment based on industry security standards and best practices. The scorecard provides a quick view of your organization’s current security posture across five areas: People, Processes, Technologies, Facilities, and Compliance. These areas are assessed through interviews, vulnerability assessments, and other technical testing to produce an easy-to-understand “scorecard” of your current security risk.

The security of your organization depends on the security of those around you. GoldSky develops custom supply chain assessments to review and rate the security of all your vendors, partners, and suppliers. We can design and execute this function, allowing you to continue to do business while improving your security at the same time.

How can GoldSky Security help you?

Contact the GoldSky office nearest to you for a Free Consultation.

“GoldSky Security has performed work with our company in the recent past. The GoldSky Security Team performed their duties as promised and in a high-quality manner, and we were very satisfied with the services they provided. We recommend considering GoldSky as your cybersecurity partner of choice.”

Nathaniel Thomas
CTO, sonobi