What We Examine
Technology Inventory & Assessment
Complete audit of your current systems, software, hardware, and cloud services. We map what you have, what it costs, and whether it's earning its place.
Cybersecurity Risk Assessment
Structured evaluation of your security posture against NIST CSF and CIS Controls. We identify your highest-risk exposures and prioritize them by impact.
Compliance Gap Analysis
Review of your obligations under applicable frameworks — HIPAA, state data privacy laws, grant requirements — and where you currently stand.
Vendor & Contract Review
Examination of your key technology vendor relationships, contracts, and service levels. We identify gaps, redundancies, and leverage points.
IT Governance & Decision-Making Review
How are IT decisions currently being made? Who has authority? Who has accountability? We map the current state and identify structural gaps.
What You Receive
Executive Summary Report
Board-ready summary of findings, risk levels, and strategic recommendations. Written for leadership, not technicians.
Risk Register
Prioritized inventory of identified risks with likelihood, impact, and recommended remediation for each.
Compliance Roadmap
Step-by-step path to closing compliance gaps, with realistic timelines and resource requirements.
Technology Rationalization Recommendations
Specific recommendations on what to keep, replace, consolidate, or eliminate in your technology stack.
90-Day Action Plan
Concrete, sequenced action items for the first 90 days — what to do, in what order, and why.
Vendor Accountability Framework
Templates and processes for ongoing vendor oversight, contract review, and performance management.
30-minute conversation to assess fit — no obligation
If you proceed to a monthly retainer within 30 days of completion, the audit fee is partially credited toward your first retainer period.
Ready to start?
Contact Lester Rogers directly to discuss whether the 30-Day Discovery Audit is the right first step for your organization.