Who clicked on that email "from" George?

ICT & Cyber Auditing Services

So everyone knows carrying out roadworthy and safety inspections on vehicles is important. Most also understand the benefits of auditing financial accounts for businesses. Similarly Information & Communication Technology (ICT) and Cloud Services should be periodically inspected or audited to ensure they are operating as expected. Regular review and assessment helps to avoid the majority of technically avoidable risks.

Auditing is not all about Risk Assessment, whilst risk a key reason to conduct an Audit we are also able to assist with Cloud Readiness Audits which help specify what infrastructure can be readily be moved to the Cloud and what may need changes before it would be Cloud Ready.

Tier One’s provides professional auditing services as a one off or recurring service to organisations that want to assess the health of their IT infrastructure and systems. We provide a written report of risks, issues, and opportunities which can then be actioned by your IT department or Managed Service Provider.

Common Sources of Cyber Risk

1. Inexperienced users and poor password policies & practices account for a significant number of cyber incidents

2. Email phishing, a leading cause of malware infection and credentials compromise

3. Social engineering and 3rd party targeting is used to trick people into giving up access and/or sensitive information

4. Poorly configured and maintained operating systems and applications with known flaws are a common yet avoidable cause of system infection and compromise

Mitigating the Risks

A) Educate users on Cyber Security and password management

B) Backup your data regularly and always keep n offline copy away from production

C) Implement two factor authentication (2FA) for important business systems and data repositories

D) Install firewall and malware protection solutions and regularly audit the infrastructure to make sure they’re working as expected


Aside from these basic tips a good Cyber Security Culture & Policy is not achieved with a click of your fingers. It’s something that needs to be developed and refined. If you’d like some assistance with your organisation’s Cyber Security get in touch.


“My message for companies that think they haven’t been attacked is: “You’re not looking hard enough”.

James Snook