top of page

Cyber Assurance Management System  (CAMS)

Our Cyber Assurance Management System (CAMS) provides the mechanism for quantitively measuring cyber security controls and performance against best practices and frameworks. CAMS is accessed and managed via an automated online portal and provides the capability to engage with formal questionnaires, assessments and receive dashboard reports on compliance controls and threat management defence.

These questionnaires can be those pre-designed for assurance against a baseline standard of Cyber Security and Resilience. Alternatively, they can be tailored to your specific needs and aligned to a particular framework or frameworks to meet your requirements. Furthermore, they will be mapped to threats, threat actors and defences to provide dashboard reporting of the state of health of your cyber security and resilience. 


All data is held securely with role-based access control aligned to your company standard, and within a protected SOC2, CCPA accredited environment. 


The nature of the portal is modular - questionnaires can be constructed to:  

  • Measure individual business units.

  • Individual business units aggregated to an overall group view.

  • A ‘group’ entity.


The assessments can be tailored to any business, sector or geography. They will provide the capability to wholly understand the current state of defences. Furthermore, an independent report can be generated that will fully satisfy and assure external auditors. 

The questionnaires, automated or bespoke, are designed to assess prioritised subsets of security practices, identify gaps in controls and threat defence, and support you in making prioritised recommendations for meaningful and economically viable mitigation. 


The reports that are provided as the output are informed by analysis of the most common and impactful threat actor(s) and the techniques they use, aligned to the industry vertical your company sits within.  



Dependent on the requirement of the assessment, thresholds of scores are set to demonstrate adherence to a ‘minimum viable product’ of cyber risk management, or they can be set to denote compliance or deviation from your company’s risk appetite. 

bottom of page