Risk Assessments

Knowledge is power: A security strategy counts for nothing without visibility of your the security posture of your suppliers and your organisation. Willsley Consulting can offer assessments that shine a light on the road ahead.


The challenge

"Are we there yet?"

While you may understand the security destination for your organisation, you need to know where you are now to be able to answer that question. What's more, even if your organisation is secure, can the same be said of your third parties? One survey suggested that 53% of companies have experienced a data breach caused by a third party.

The traditional approach to this challenge has been via open-ended audit or a one-size-fits-all supplier assessment methodology. Audits work well but can be prohibitively expensive for smaller organisations, while sending complex supplier assessments to low risk companies risks them declining to complete your asessment.

The solution

Flexible fixed-scope risk assessments with a range of engagement levels

At the heart of all Willsley Consulting Risk Assessments is an analysis of gaps between stated practices and accepted secure practice, reviewed by experienced security professionals. Where we're different is that you can choose to only pay for the expertise, and perform the admin yourself. With our supplier security assessments, you can choose an assessment based on how risky that supplier is to your organisation.

Each assessment is designed to be DIY - we supply the assessment materials and provide guidance on collecting the information we need. Of course, If you need more help completing the assessment, assistance is available on an hourly basis for any questions you may want bespoke guidance to answer.

scott-graham-5fNmWej4tAA-unsplash (1)

The results

Visible risk with the detail to make decisions

A good risk assessment should achieve two things beyond just telling you what your risks are: It needs to articulate them clearly in a way that's useful to non-technical decision makers; and it needs to give you the options to deal with those risks.

Every Willsley Consulting risk assessment is supported by a detailed report in plain English that summarises both what was found and options to manage the risk.


Security Baseline Assessment: Self Assessed

A questionnaire-based assessment designed for small to medium organisations to assess their internal security posture.

£599 / assessment

Supplier Security Assessment: Self Assessed

A questionnaire-based assessment designed for the assessment of third parties with three levels dependant on the risk to your organisation.


Supplier Security Assessment: Managed

A questionnaire-based assessment designed for the assessment of third parties with three levels dependant on the risk to your organisation.

The managed package includes Willsley Consulting managing contact on your behalf with the supplier.


Learn More

Email or complete our online contact form to get a call back to discuss your organisation's needs.

How we use your information

If you use the contact form, the information you enter will be emailed to Google ReCaptcha is used for spam prevention and may set cookies on your system to enable this functionality. Disabling cookies may therefore prevent use of the form.

By using our form, or emailing us regarding a Security Risk Assessment consulting engagement, you're consenting to receive emails and/or phone calls relating to this service. Regardless of how you contact us however, we will never sell your information.

While persistence may pay off, we appreciate it's frustrating to keep receiving unwanted emails and calls. As such, we'll contact you once in relation to your query, and again to follow up if we haven't heard back from you. If we still can't reach you, or you haven't replied after this, we'll remove you from our contact list.

If you want us to remove you from our contact list at any other time, please email us at and we will remove you from our contact list.