Delivering Expert Cyber Security Solutions to small & medium-sized businesses

We focus on educating, transforming and protecting our clients from cyber threats



What is a Security Risk Assessment?

The Security Risk Assessment (SRA) is the first step every organization should take to understand its current security posture. GoldSky engineers use a threat-based framework to conduct a 360-degree assessment of your organization’s cybersecurity in five areas:

  • People. People are the foundation of any risk assessment and the foundation of your business. GoldSky analyzes the risks that all your stakeholders pose to your cybersecurity posture, from hiring to daily operations to termination.
  • Processes. Your employees, partners, and customers have certain roles and responsibilities in your organization. In many cases, the processes in place in your organization don’t support proper cybersecurity.
  • Facilities. Securing the physical access to your data is critical. From securing on-site servers to laptops, GoldSky analyzes the best and most cost-effective methods for better securing your data from physical attacks.
  • Technologies. The technologies we use put us at risk every day. GoldSky engineers inspect the hardware, software, and computers in your environment for vulnerabilities and unnecessary risks.
  • Compliance. Do you see patients? Accept credit cards? Hold sensitive data? Chances are that you’re subject to at least one legal or regulatory compliance mandate. GoldSky will discover those requirements to keep you in compliance and potentially avoid costly fines.

At the end of the engagement, you will receive a report detailing all the activities performed, your risk analysis, and a security roadmap. Assessment reports and security roadmaps are designed to be:

  • Risk Ranked to help you understand your highest areas of risk
  • Actionable to help you get on track FAST
  • Prioritized to help you focus your efforts


GoldSky uses a simple, unique approach to guide our clients through the IT compliance programs we support. For most organizations, the first challenge is understanding the requirements. We teach our clients the standards and assist them in the controls implementation process.

Security assessments provide a view into the information security and compliance of an organization’s data. When tied to a compliance metric, such as PCI or HIPAA, security assessments often become expensive, resource-intensive, and difficult to analyze. The GoldSky Cybersecurity Scorecard was designed to address this problem.


The GoldSky Cybersecurity Scorecard is a high-level IT security risk assessment based on industry security standards and best practices. The scorecard provides a quick view of your organization’s current security posture across five areas: People, Processes, Technologies, Facilities, and Compliance. These areas are assessed through interviews, vulnerability assessments, and other technical testing, to produce an easy-to-understand “scorecard” of your current security risk.

The security of your organization depends on the security of those around you. GoldSky develops custom supply chain assessments to review and rate the security of all your vendors, partners, and suppliers. We can design and execute this function, allowing you to continue to do business while improving your security at the same time.

How can GoldSky Security help you?

Contact GoldSky Security for a Free Security Consultation.


    “We could not be more pleased with our partnership with GoldSky Security. The experience and professionalism from your team has exceeded our expectations from day one. Your team was on-site within a week of our initial call. We appreciate the responsiveness and expertise you provided in performing our NIST 800-171 Gap Assessment and now CSOaaS program. Having an On-Demand CSO partner to assist us in building a sound cybersecurity program while maintaining NIST 800-171 compliance has proven to be both efficient and cost-effective. Thanks!”

    Ed Gillcrist
    Founder, The Shackleton Group