Data Breach Risk and Readiness Assessment

A focussed Cyber Security Readiness Assessment aimed at answering one critical question - ‘Is your organisation data-breach ready?’


A Comprehensive Score-Based Cyber Security Readiness Assessment

This data breach risk assessment scores the Breach Readiness or Cyber Attack Readiness of a specific group of people and how they respond to a specific cyber-attack scenario against a distinct critical asset.

This Cyber Security Readiness Assessment is performed in conjunction with and during our Cyber Crisis Tabletop Exercise (CCTE) and it measures the cyber attack readiness and scores various attributes of the exercise and the participants during the tabletop exercise.

Our Approach to the Data Breach Assessment

The image below describes our detailed approach to conducting a Breach Readiness assessment.  Similar to our other audits, the process in this Data Breach Risk Assessment is also fairly straightforward. We listen to and obtain information about your organisation, its critical assets, response plans and the role of key stakeholders during and after an attack.   

We, then, create a detailed attack scenario storyboard and corresponding presentation which will be used during the Cyber Crisis Tabletop Exercise (CCTE) workshop.  

Throughout the exercise, we will either record or closely monitor the participants and assess several attributes to arrive at a Breach Readiness maturity score.


CCTE Our Approach





What We Examine

As part of our Breach Readiness Audit, we will: 

  • Carefully examine Incident Response policies, processes and procedures.
  • Understand the key participants, their role and context.
  • Review past incidents, outages and cyber-attacks.
  • Understand your critical assets and processes.
  • Evaluate recent Security Breach Assessments.
CCTE Score Sample 1


This data breach risk assessment requires us to create a fairly detailed cyber-attack scenario and hence we will need to speak to one or more resources who can support us in creating this compelling scenario. 

Formal Score and Tangible Improvements

Our Cyber Crisis Tabletop Exercise (CCTE) helps answer one of the most important questions for the CEO and executive management - “Is your organisation breach ready?” 

Put another way, the breach assessment seeks to examine if your organisation is capable of rapidly detecting, effectively responding to and resuming or carrying on its business operations uninterrupted after a cyber incident.


We will provide you with a formal audit report with a maturity score for your Breach Readiness along with a breakdown of the additional observations made during the tabletop exercise.  The report also provides easy-to-understand recommendations on improving the score and closing the gaps. 

More information on this specific assessment is available in our CCTE page and brochure. CCTE: Management Report.

Note: The Breach Readiness audit does not conduct a comprehensive audit of your IT and/or cybersecurity controls. We do a cursory review of your existing processes, procedures and incident response related documentation. 

Assessment (1)


  • Demonstrates how prepared a select group of staff are to respond to a specific cyber-attack on a critical asset or assets. 
  • Allows you to track year-on-year progress of your readiness to demonstrate tangible progress and improvements. 
  • Satisfies current and future regulations that demand organisations carry out structured cyber tabletop exercises.  
  • Allows you to test your plans, procedures and staff in a safe but near-realistic simulated environment without disrupting regular business operations.
Breach Readiness Assessment

3 Key Benefits of Conducting a Breach Readiness Assessment


Identifies areas of improvement in the various aspects of crisis management, including, but not limited to collaboration, coordination, executive decisions.

Highly Cost-Effective & Safe

Our carefully planned assessment provides a highly cost-effective way to assess an organisation’s readiness as production systems or critical data are never at risk of being impacted.


Lists the efficiencies of existing processes, procedures and policies and provides actionable recommendations.

Client Testimonials

We have assisted numerous organisations including FIFA, NHS, Capita, BNP Paribas, Formula One Racing, British Medical Journal, and many more with assessments and audits. Here's some feedback from just a few of them.

Mudassar Ulhaq

Mudassar Ulhaq - Chief Information Officer -Waverton Investment Management

"I would recommend Cyber Management Alliance’s tabletop workshops to anyone genuinely interested in being on top of their cyber incident response strategies. The format and style of conducting the entire workshop is what I found a lot of value in. Most importantly, the scenarios on which the workshop was based were relevant to the business, making the exercise a great investment of time and resources."


Aaron Townsend - Service Delivery Manager - British Medical Journal

"In order for BMJ to the right way forward we looked for a VCISO to advise us on the right way to do things and give us expertise. We went to Cyber Management Alliance and it's been about a year now and we ran workshops, looked at our response to incidents, created the incident response plan and we are in a position now where we understand our way forward. Our VCISO keeps us on our toes and overall it's been a very effective way of delivering expertise into the organisation that we wouldn't have normally had."

Neil Mallon

Neil Mallon - Strategic Technology Leader - Aster Housing

"The Cyber Crisis Tabletop Exercise and corresponding audit conducted by Cyber Management Alliance Ltd was expertly delivered and has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now, and our next focussed steps. We will be engaging CM-Alliance on an annual basis."

We're here to help

Why not book a discovery call to discuss your requirements?

Why not find out more about our audits and assessments? Book a no-obligation discovery call with one of our consultants. 

Let us show you why our clients trust us and love working with us.

We provide support on cybersecurity strategy, policies, incident response, gap assessments, SIEM assessments, GDPR, Cyber Crisis Tabletop Exercises, Breach Readiness Assessments, and more. Speak to us to find out how we can assist. 


James C - CEO, UK Hedge Fund

Amar and the team at Cyber Management Alliance have been a huge help in getting our firm positioned to deal with cyber security risk.  Having opened our eyes to the variety and scale of challenges we face, and the potential financial consequences, they worked closely with us to improve our infrastructure, processes and understanding to embed cyber awareness into the firm.  Their invaluable experience has guided us to the point where we should receive ISO27001 accreditation in the coming weeks – a key stamp of approval that lets clients know we take these risks very seriously.