DeepScan Information Security: in-depth and verifiable insight

The DeepScan builds on the QuickScan and delves deeper into the policies and processes that emerged. We look at how policies and processes actually work and are set up. In doing so, we ask for processes to be shown in practice. The DeepScan also includes an extensive tour, where we engage employees to test how processes and policies work.

The DeepScan in 5 steps

1. Preparation & scope

  • Sharpening the scope in response to the QuickScan findings.
  • Retrieve relevant policy documents, process descriptions and records.

2. Document review (in-depth)

  • Testing whether policies and procedures are congruent with practice.
  • Check consistency between policies, risks and measures.

3. Practical test & tour

  • Live test processes (e.g. user lifecycle, backup-restore, patch process).
  • Questioning employees on implementation and understanding of policies.
  • Record findings with supporting documents where possible.

4. Analysis & validation

  • Mapping gaps against legal and standards frameworks.
  • Prioritisation by opportunity × impact with clear follow-up.

5. Reporting & feedback

You will receive a report with:
  • Findings by domain/process.
  • Test results (document vs practice).
  • Concrete improvement plan with priorities.
  • Handle towards NIS2/ISO 27001/NEN 7510.
Get in touch

Experts speak

Download the QuickScan Whitepaper!

Curious how we approach our QuickScan and whether this is something for you? Then receive our QuickScan Whitepaper for free by email right now! This whitepaper shows examples of reports and how we give you insight into where your organization can improve in cybersecurity.

*I agree with the privacy statement and give Sphere IT permission to send the QuickScan by email.

What does the DeepScan benefit your organisation?

Testable verification
The DeepScan checks not only whether policies are good on paper, but also whether they are actually implemented in practice.
Strong basis for NIS2, ISO 27001 and NEN 7510
With the DeepScan, you lay a foundation in line with the requirements of key legal and standards frameworks.
Verification of policies and processes
We test whether roles, responsibilities and procedures are really followed within the organisation.
Effectiveness and opportunities for improvement
You get a clear picture of how effective your current approach is and where the biggest areas for improvement lie.
Evidential insight
You get in-depth, substantiated insight into how your security processes actually work.
Concrete improvement plan
The DeepScan results in clear priorities and follow-up actions that allow you to improve immediately.
Basis for compliance and certification
The report provides a solid foundation for pathways towards compliance and certification.
Get in touch
  • Maroche Delnoy
    Cybersecurity Specialist
  • Steven Van Hal
    IT-security Consultant
  • Dave Breijman
    Security Architect

How protected against cyber threats are you ?

Take the Quiz!

Step 1 of 11

You receive an email from your “bank or government agency” asking for your login details. What do you do?(Required)

Our cyber insights in practice

How your MFA can be bypassed: AiTM Phishing

AiTM (Adversary-in-the-Middle) phishing is an advanced technique that gives hackers direct access to your accounts.

Read more

Sphere IT's QuickScan

Get quick insight into your cybersecurity with Sphere IT's QuickScan: effective and action-oriented.

Read more

IT security at its core

Ensure in-depth digital security with Sphere IT's DeepScan: insight and certainty for your organization.

Read more

FAQ

QuickScan gives a quick and broad overview of risks and areas for improvement. DeepScan goes deeper: we test documents and actual implementation among employees and in processes.
Yes, the DeepScan provides in-depth review that helps to meet these frameworks and support certification processes.
It is highly recommended to first perform a QuickScan before starting the DeepScan. The QuickScan acts as an initial exploratory analysis. Based on those findings, we can specifically determine where we need to go deeper during the DeepScan.

Get in touch

Interested in a DeepScan for your organisation?
Email info@sphereit.nl or fill in the contact form on our website.