Cyber Steps is delivered by CyberWorqs, an Australian based cyber risk management consulting firm. We work with businesses across all industry sectors to help management teams understand cyber security risk as an operation risk and what it takes to build a cyber security culture in the organisation.

Our team of coaches are seasoned professionals with extensive expertise in ISO 27001 and cybersecurity governance, risk and compliance. They bring practical insights and industry best practices to guide you effectively.

Our coaching process involves tailored sessions where we address your specific needs and goals for ISO 27001 implementation. We work closely with you to customise the format, topics, and learning approach.

Absolutely! You have full control over the topics covered in each coaching session. We’re happy to provide guidance but overall we adapt the content to align with your priorities and areas of focus.

If this is the case we can spend some of our initial session assessing your organisation's unique requirements to help identify the most relevant topics to cover. We will also help you plan a roadmap.

We work to your timing and budget. It is important to remember that implementing ISO 27001 involves making changes to your business. Depending on what changes are required, you can expect it to take 3-6 months to implement an ISMS.

Yes, flexibility is built into our coaching approach. As your needs evolve, we can modify the format and content of the sessions to ensure continued relevance and effectiveness.

Yes, our coaching program can be extended to include your team members. We encourage workshops for knowledge sharing and offer guidance on how to cascade the learnings to your wider organisation.

We offer online coaching sessions to accommodate your preferences and geographic location.

Absolutely! Our coaching sessions are designed to address your unique challenges and provide targeted solutions tailored to your organisation's needs.

We strive to accommodate your timeline. Once you purchase your desired program we can promptly book in the first coaching session.

By participating in our coaching program, you can expect to gain a deeper understanding of ISO 27001, whether this be a specific control we are focusing on or an area of the framework. You will be able to confidently navigate the next step towards a successful certification and overall improved cyber security posture for your business.

Our coaching services are packaged up in three offers, with different hours depending on what you require. Our support services are single engagements or ongoing services to complement your ISO 27001 implementation and obligations. Coaching services are best for those who are working through their ISO 27001 framework, our support services are for more individual circumstances or specific times within the implementation and certification lifecycle.

The comprehensive report includes an executive summary and indicative Statement of Applicability. It provides a detailed analysis of your current security posture and the Annex A controls that are likely to be applicable to your ISMS.

Yes! Outsourcing internal audits ensures that they are conducted correctly and thoroughly by expert analysts. It brings an unbiased perspective and ensures compliance with the mandatory audit requirements. We can help you conduct these audits, simply get in touch.

After the internal audit, you will receive a detailed report that provides insights into your organisation's adherence to ISO 27001 requirements. The report will highlight areas of strength, non conformities and areas that need improvement.

We’d recommend a pre-audit assessment where we’ll review your mandatory policies and ISMS. It identifies gaps and we provide you with a report with actionable steps to polish your ISMS. We also offer an audit coaching service to provide guidance and help you anticipate and answer audit questions effectively. It prepares your organisation for the certification audit and ensures readiness.

The online training subscription (USecure) is an annual subscription which delivers monthly learning modules in the form of videos and quizzes. It also includes a monthly simulated phishing test to enhance employee awareness and response to phishing attacks. Real-world phishing scenarios are simulated to test and improve their ability to recognise and respond to potential threats. It enables ongoing employee education and training on cybersecurity risks, ensuring ISO 27001 compliance.

Cyber risk management services involve identifying and assessing potential risks to your organisation's information security. It includes implementing risk treatment measures in line with the ISO 27001 framework.