Introduce yourself below and receive your free data sheet now.


Delivering expert cyber security solutions to small and medium-sized businesses

Learn More


What is a Security Risk Assessment?

The Security Risk Assessment (SRA) is the first step every organization should take to understand their current security posture. GoldSky engineers use a threat-based framework to conduct a 360 degree assessment on your organization’s cybersecurity in five areas:

  • People.  People are the foundation of any risk assessment and the foundation of your business. GoldSky analyzes the risks that all your stakeholders pose to your cybersecurity posture, from hiring to daily operations to termination.
  • Processes. Your employees, partners, and customer have certain roles and responsibilities in your organization. In many cases, the processes in-place in your organization don’t support proper cybersecurity.
  • Facilities.  Securing the physical access to your data is critical. From securing on-site servers to laptops, GoldSky analyzes the best and most cost-effective methods for better securing your data from physical attacks.
  • Technologies.  The technologies we use put us at risk every day. GoldSky engineers inspect the hardware, software, and computers in your environment for vulnerabilities and unnecessary risks.
  • Compliance.  Do you see patients? accept credit cards? Hold sensitive data? The chances are that you’re subject to at least one legal or regulatory compliance mandate. GoldSky will discover those requirements to keep you in compliance and potentially avoid costly fines.

At the end of the engagement, you will receive a report detailing all the activities performed, your risk analysis, and a security roadmap. Assessment reports and security roadmaps are designed to be:

  • Risk Ranked to help you understand your highest areas of risk
  • Actionable to help you get on track FAST
  • Prioritized to help you focus your efforts


The Security Risk Assessment (SRA) is the first step every organization should take to understand their based framework to conduct a 360 degree  assessment on your organization’s cybersecurity in five areas PEOPLE, PROCESSES, FACILITIES & TECHNOLOGIES and COMPLIANCE
GoldSky uses a simple unique approach to guide our clients through IT compliance programs we support. For most organizations, the first challenge is understanding the requirements. We teach our clients the standards and assist them in the controls implementation process.
Security assessments provide a view into the information security and compliance of an organizations data. When tied to a compliance metric, such as PCI or HIPAA, security assessments often become expensive, resource intensive, and difficult to analyze. The GoldSky Cybersecurity ScoreCard was designed to address this problem.


The GoldSky Cybersecurity Scorecard is a high-level IT Security risk assessment based on industry security standards and best-practices. The scorecard provides a quick view of your organization’s current security posture across five areas: People, Processes, Technologies, Facilities, and Compliance. These areas are assessed through interviews, vulnerability assessments, and other technical testing, to produce an easy-to-understand “scorecard” of your current security risk.

The security of your organization depends on the security of those around you. GoldSky develops custom supply chain assessments to review and rate the security of all your vendors, partners, and suppliers. We can design and execute this function, allowing you to continue to do business while improving your security at the same time.

How can GoldSky Security help you?

Contact GoldSky Security for a Free Security Consultation.

“We are grateful to GoldSky Security for performing our Enterprise Security Risk Assessment & NIST 800-171 Gap Assessment. The engagement proved to be invaluable in assisting LSI on our journey to attain CMMC accreditation. The onsite portion of the assessment was exceptional. It was evident the GoldSky Security team we worked with were extremely knowledgeable in Federal Security contracting space. The Threat out brief report they provided was extremely detailed which will help us transform our company into a security conscious culture that will dramatically reduce our risk over time. Thanks again! ”

Jeff Tibbetts
Vice President and CIO, LSI, Inc

CONTACT US FOR A FREE CONSULTATIONGetting started in security can be challenging. Let us help ease the burden of security and compliance with our small-mid sized business services and solutions.