Security Audits & Compliance

Our security audits give you a clear view of your organisation’s risk posture and compliance gaps. We identify vulnerabilities, prioritise actions, and provide a tailored roadmap to strengthen your IT environment. Each assessment concludes with a board-level presentation outlining key findings, business impacts, and next steps - ensuring your technology strategy aligns with your compliance and security goals.

How The Audit Works

Discover

We collect system, cloud, and endpoint data using our vulnerability agent. This gives us a full picture of your current environment - without disrupting operations.

Analyse

Using our vulnerability agent and 365 alignment tool, we analyse vulnerabilities, user access, patching, exposed services, and compliance benchmarks to identify gaps.

Remediate

We give you a prioritised roadmap for improvement, mapped against compliance frameworks. Reports are human-reviewed and delivered with guidance - not just dumped.

What We Cover

Full Microsoft 365 Security Review

We analyse account security, Conditional Access, privileged roles, risky sign-ins, OAuth apps, and policy hygiene - benchmarking it against best practices and Secure Score baselines.

Internal Network Visibility

From patch levels to unsupported software, EDR status, and AD hygiene, we evaluate the real-world state of your environment and provide an inventory of connected devices.

External Perimeter Checks

We scan public IPs, web apps, SSL health, and exposed protocols (like RDP, VPN, and SSH), identifying what could be visible - and vulnerable - to an attacker.

Strategic, Local Advice

Your report isn’t just a dump of data. It’s delivered by a CIO-level consultant who walks you through the findings, prioritises actions, and aligns recommendations to your business and compliance needs.

Security Audit Outcomes

Executive Summary

A clear overview of your organisation’s key risks and exposure areas.

Microsoft Secure Score

A full Secure Score review with prioritised recommendations to strengthen your environment.

Security Roadmap

A step-by-step action plan for immediate and long-term improvements.

Presentation and Q&A Session

A board-ready presentation outlining findings, priorities, and next steps - followed by an open discussion to align technical detail with business strategy.

Frequently asked questions

Our assessment is non-invasive and doesn’t simulate attacks or exploit vulnerabilities. Instead, we use automated tools to scan your environment. You get clear, actionable insights - without the disruption or cost of red teaming.

We scan your Microsoft 365 tenant, internal infrastructure, and external perimeter. The audit covers patching, configuration, account security, exposed services, software vulnerabilities, and more. You’ll receive a prioritised remediation plan and compliance benchmarking.

Most audits are completed in 4-6 weeks, including planning, scanning, analysis, and presentation. The scanning phase usually takes just a few days, with minimal disruption to your systems.

Our tools are typically agentless and work via remote credentials or temporary access. We’ll coordinate any access or authentication securely with your team before scanning begins.

Yes. Our scans are read-only and scheduled to avoid business impact. No systems are taken offline, and no exploit attempts are made.

A senior consultant (usually a vCIO or security lead) will walk you through the findings, answer questions, and help prioritise the next steps for remediation.

This isn’t a penetration test, and it doesn’t include remediation work, social engineering tests (e.g. phishing), or continuous monitoring. 

Yes - we offer remediation support and ongoing managed security services if you'd like help implementing the changes we recommend.

Layer3 is an ISO 27001 certified MSP in Wellington with offices across New Zealand. Get strategy-first IT, security and managed support from Layer3.
ADDRESS
Level 2 CBD Towers 84-90 Main Street Upper Hutt Wellington, 5018 New Zealand
© 2025 Copyright Layer3.
Layer3 is a Silver Microsoft partner as well as an Authorised SPLA partner.