Home » NIST Cybersecurity Assessment
Category: Cybersecurity
Analytix cybersecurity assessment service is designed to provide an assessment of your current cybersecurity practices, utilising a range of information gathering techniques including interviews, facilitated workshops, observations and the study of relevant company records and documentation.
Certified Assessors
Our certified assessors are highly competent and have been trained in performing NIST-based cybersecurity assessments.
Aim of the Cybersecurity Assessments
The aim of a cybersecurity assessment is to provide management the means of identifying, assessing, and managing cybersecurity risk across the various levels, i.e. Government, public sector, and private sectors.
The assessment results provide a determination of an organisations cubersecurity posture and can be used to:
- Monitor, through the Framework’s assessment model, an organisation’s cybersecurity profile
- Reassure management that information security and cybersecurity is in accordance with plans and risk appetite, particularly with regard to business and organisational objectives
- Ensure that the organisation’s information security and cybersecurity external obligations (regulatory, legislation, common law, contractual) and internal work practices are in place
We utilise a cybersecuirity assessment approach that can be used to compare an organization’s current cybersecurity activities with those outlined in the NIST Cybersecurity Framework’s “Core”. Through the creation of a Current Profile (posture), organisations can examine the extent to which they are achieving the outcomes described in the Core Categories and Subcategories, aligned with the five high-level Functions: Identify, Protect, Detect, Respond, and Recover.
The reporting of the Profiles, following assessments, would serve as important feedback that will allow the cybersecurity governance structures to monitor and benchmark the status of cybersecurity, e.g. at national, public sector, and private sector level.
An organization may find that it is already achieving the desired outcomes, thus managing cybersecurity commensurate with the known risk. Conversely, an organization may determine that it has opportunities to (or needs to) improve. The organization can use that information to develop an action plan to strengthen existing cybersecurity practices and reduce cybersecurity risk. An organization may also find that it is overinvesting to achieve certain outcomes. The organization can use this information to reprioritize resources to strengthen other cybersecurity practices.
While they do not replace a risk management process, these five high-level Functions will provide a concise way for senior executives and others to distill the fundamental concepts of cybersecurity risk so that they can assess how identified risks are managed, and how their organization stacks up at a high level against existing cybersecurity standards, guidelines, and practices. The Framework can also help an organization answer fundamental questions, including “How are we doing?” Then they can move in a more informed way to strengthen their cybersecurity practices where and when deemed necessary.
The NIST Cybersecurity Framework (CSF) provides an assessment mechanism that enables organizations to determine their current cybersecurity capabilities, set individual goals for a target state, and establish a plan for improving and maintaining cybersecurity programs.
The output of the process is a cybersecuirty asssessment report which includes:
- A quality review of the organisation’s cybersecurity against the NIST Cybersecurity Framework’s (CSF) guidelinesDescribe their current cybersecurity posture (As-is)
- Describe their target state for cybersecurity (To-be)
- Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process
- Benchmark and compare organisations
- Assess progress toward the target state
- Communicate among internal and external stakeholders about cybersecurity risk
Our NIST Cybersecurity Framework Assessment will assist your management to:
- Describe their current cybersecurity posture (As-is)
- Describe their target state for cybersecurity (To-be)
- Identify and prioritize opportunities for improvement within the context of a continuous and repeatable process
- Benchmark and compare organisations
- Assess progress toward the target state
- Communicate among internal and external stakeholders about cybersecurity risk
Train Your Team In-house
Frequently Asked Questions
Use our FAQ to quickly find the answers to the most common questions asked by customers.
Why choose us?
We have over 22 years of experience in helping businesses and employees reach their potential with advanced skills and certifications, no matter what their industry or background experience.
All our services are bespoke, which means we offer the freedom and flexibility to create a solution specific to your industry & training needs.
We can use one or more of our services to deliver the outcome required to gain the maximum results for your business.
Specialist Consultancy Services
We offer a free introductory consultation service, to get an understanding of your organisation, your working environment & your training needs.
Our expertise & experience, combined with your working knowledge, delivers results that are practical & specific to your needs.
Training That Works
We have been involved in many differing, diverse & interesting projects & we have built relationships with organisations from varying industries & sizes. Our efficient, cost-effective and engaging training courses are designed for your company and team to improve the overall business performance and equip employees with up-to-date skills and knowledge.
Talk to us today, and let us help you develop your team with our bespoke training and consultancy services.
Do you only deliver training in Johannesburg?
No, we deliver training in all 9 provinces within South Africa. We have also delivery training in several countries such as Belgium, The Kingdom of Saudi Arabia, Togo, Zambia, Rwanda, Tanzania and Swaziland.
What are the minimum and the maximum number of candidates we can train in-house?
The minimum number of candidates required for in-house training is 6. With regard to the maximum number, this depends a little on the size of the training room you have available, but we normally say between 15 – 25.
Can you tailor the course to our specific requirements?
Yes, all of our courses can be tailored to your requirements. We will aim to refer to working examples within your business or industry.
Who are your clients?
Our clients come from companies and organisations of all sizes within the public and private sector. We work in most industries and have a proven track record of delivering high levels of customer satisfaction. See some of the names we have worked with here.

Instant Purchase in 4 easy steps!
- Pay with card
- Receive an instant download link
- Click on the download link
- Files download straight to your PC