Risk Assessments

Our Cybersecurity Risk Assessment Services are designed to change that—offering customized, standards-based assessments aligned to NIST 800-53 or the NIST Cybersecurity Framework (CSF) 2.0. Whether you're building your cybersecurity program from scratch or seeking a deeper understanding of your current exposure, we provide clear, actionable insights to strengthen your defenses.

Tier I: Framework Docs Pack (choose NIST 800-53 or CSF 2.0) — $350

What's Included:

Risk Assessment Template (800-53 or CSF 2.0)
Risk policy, methodology, and scoring matrix
Risk register, treatment plan, and acceptance forms
Asset inventory & data-flow templates
Seven (7) Days Consulting Support

Tier II: Targeted Customization — $750

What's Included:

Everything in Tier I
Tailored to what you need (e.g., vendor risk, OT, specific control families)
Seeded examples in the register and treatment plan
14 Day Consulting Support

Tier III: Consultant will run the Risk Assessment (remote) — $1,600

What's Included:

Everything from Tier I & Tier II
The consultant will run the full Risk Assessment remotely
All Policies identified as missing will be provided via templates
Top 15 risks with heat map, 30/60/90-day plan, and readout deck
30 Day Consulting Support

Why Pick our Services?

Tailored to You: Choose the framework that best fits your business—NIST CSF 2.0 or 800-53 (Tier I)
Expert-Led: Work with experienced cybersecurity risk professionals.
Actionable Output: Clear, prioritized recommendations and supporting documents.
Audit-Ready: Build confidence with policies and plans aligned to compliance standards.
Ongoing Support: Premium tier includes 30 days of guidance post-delivery.

Understanding the Importance of Risk Assessments:

Risk assessments are vital for effective cybersecurity. Here's why:

Risk identification: Organizations can prioritize mitigation efforts by evaluating threats and vulnerabilities.

Prioritization of efforts: Understanding the likelihood and impact of risks helps organizations focus on critical threats.

Compliance requirements: Regulations and frameworks mandate regular risk assessments, which demonstrate a commitment to safeguarding sensitive information.

Pricing: $350 to $1,600

Frequently Asked Questions

Please reach out to us at Risk@thecyberfriend.com if you cannot find an answer to your question.

What will happen to my Risk Assessment on The Cyber Friends end?

The Cyber Friend will hold onto the Risk Assessment for 30 Days as a backup just in case the party that has purchased the service was to misplace the document. The document will be Encrypted, Password Protected, and secured on a drive that will not be accessible to anyone without the three (3) keys needed to access the document (Encryption, Password, Safe Key). If past the 30-day mark, The Cyber Friend will no longer have the document; it is HIGHLY recommended that the document be backed up by the party and placed in a secure location.

Will The Cyber Friend sign an NDA?

Yes, The Cyber Friend will gladly sign an NDA if needed and/or required by the party that has purchased their services for the Risk Assessment.

How will the risk assessment be conducted?

The party will be provided with a questionnaire to gather information about their systems, processes, and potential risks. After the document is filled out and returned to The Cyber Friend, a review will occur, in which the party will receive a response with recommendations on how to improve their score.

Can you assist with implementing the recommended next steps or mitigating identified risks?

No, I will not have any access to your systems. You will be provided a list of questions, which you will go ahead and answer the provided document and send it back to The Cyber Friend. This document will then be reviewed and scored, and recommendations will be provided on improving your score.

Risk Assessment Services

Understanding the Importance of Risk Assessments:

Frequently Asked Questions

I hope you are ok with Cookies!