// THE FRONT DOOR
The Cyber Check.
42 controls. 12 domains. Fully remote. 14 days.
A productized assessment of your security posture, mapped to NCC-CY Cyber Hygiene, DORA, NIS2 and insurance-readiness requirements. €1,650 flat. Three audiences, three artifacts. Delivered in 14 calendar days.
// CYBER CHECK
Flat price · 50% on signing, 50% on delivery
14 calendar days · fully remote · ~12 hours of Tessera delivery, ~6 hours of client time. Suitable for any SME up to ~50 staff. Bigger teams or multi-entity setups get a custom scope after the free Quick Look.
// THE DIFFERENCE
What makes the Cyber Check different.
Regulator-aware
Mapped to NCC-CY Cyber Hygiene, DORA, NIS2 and insurance-readiness — not bolted on. Built for Cyprus's regulated industries.
Identity-first
Delivered by the author of the A.I.D. Identity Governance Model. The thing every auditor now asks about is the first thing examined.
Three audiences, three artifacts
Executive Scorecard for the board. Detailed Findings for IT. 90-Day Roadmap for the budget owner. No 200-page PDF nobody reads.
// WHAT'S COVERED
42 controls across 12 domains.
Evidence-based scoring from client-supplied screenshots, configuration exports and a 60-minute technical deep-dive call. Every control mapped to a recognised framework so the answer holds up in a regulator or insurer conversation.
// YOU RECEIVE
Three artifacts. Three audiences.
Executive Scorecard
One page · board-forwardable · red / amber / green
Detailed Findings Report
15–20 pages · IT-actionable · evidence-linked
90-Day Roadmap
Prioritised remediation with effort & cost estimates
Readout call
60 minutes with leadership, walking through every finding
Not included: penetration testing, active technical validation against production systems, or remediation implementation. Each is detailed in the 90-Day Roadmap and available as a separate engagement.
// HOW IT RUNS
From call to roadmap in 14 days.
Qualification call
30 min · freeTen diagnostic questions about your setup. By the end, 80% of what's wrong is already clear — and you walk away with three immediate, actionable tips. If a Cyber Check isn't the right fit, Tessera will say so.
Evidence collection
Async · ~6 hrs of client timeTessera shares a structured request list: configuration screenshots, tenant exports, policy documents, MFA & access reports. You upload to a secure portal at your own pace.
Technical deep-dive
60-min remote callA focused video call to walk through anything the evidence didn't fully answer — tenant setup, access control logic, backup posture, identity edges. No office visit required.
Scoring & report build
~12 hrs Tessera deliveryEvidence-based scoring across 42 controls in 12 domains, mapped to NCC-CY Cyber Hygiene, DORA, NIS2 and insurance-readiness requirements.
Readout & roadmap
60-min leadership callWalk-through of the Executive Scorecard with leadership, then the 90-day roadmap. Some fixes your team handles; others can move into a fixed-price project or a Cyber Care Plan from €350/month. No pressure either way.
// OPTIONAL ADD-ON
Regulatory Evidence Pack.
Cyber Check standard deliverables serve executive and IT audiences. For CySEC CIFs, NIS2 important entities, and firms preparing for audit or insurance underwriting, Tessera offers an optional evidence pack.
- Documented control-by-control evidence log with timestamps and screenshots
- DORA ICT register template, pre-populated from the assessment
- NIS2 incident classification matrix mapped to your operations
- Audit-ready format acceptable to CySEC, insurance underwriters and Big 4 auditors
Available with any Cyber Check. Ordered separately after the base assessment completes.
Not sure if you need one?
Start with a Free 30-min Quick Look. Tessera will talk through your setup and tell you honestly whether a Cyber Check is the right next step.
Book a Free 30-min Quick Look