How It Works

From “where do we stand?” to “we’re covered”

A clear, four-step path — no jargon, no enterprise overhead.

1

Free Assessment

A 20-minute conversation and a quick read on your current security and compliance gaps.

2

Roadmap

A prioritized findings summary and remediation plan, mapped to the risks that actually matter for your firm.

3

Implementation

Controls configured and hardened inside your own Microsoft 365 environment — and fully documented.

4

Ongoing Oversight

Continues on a monthly retainer for monitoring, reporting, and keeping you audit- and insurer-ready.

Work directly with a CISM-certified principal — not a call center or a junior tech.

What You Receive

Clear reporting, every month

No jargon dumps. Each month you get a plain-language view of your security posture — your overall score, open risks, what’s been fixed, and what’s next — so leadership always knows where the firm stands.

Sample RiiZ Security monthly report showing an 84% overall security score and critical vulnerability trends

Sample monthly report — illustrative figures.

Every month, you can answer “are we safe, what’s open, and what’s next” with real evidence behind it — delivered in a form leadership can actually use, not a jargon dump.

FAQ

Common Questions

We already have some MFA in place. Does this still apply?
Yes. Most firms have partial MFA — gaps commonly show up on admin accounts, legacy apps, or remote access. The assessment identifies exactly where your coverage stops.
What if we're mid-renewal with our insurer?
This is often the best time to start — we can identify what your carrier requires and close the gaps before your renewal review.
Do you work with our existing IT person, or replace them?
We work alongside them. RiiZ leads security strategy and governance; we coordinate with your existing IT person or vendor on implementation, rather than replacing them.
Can we stop after Step 4's setup instead of continuing the retainer?
Technically, yes. But most GLBA/FTC and insurer requirements call for ongoing monitoring, not a one-time setup — which is why most clients continue with oversight.

Ready for the first step?

Start with a free 20-minute assessment. You’ll leave with clarity, whether or not we work together.

Schedule a Free Consult