One bad week can undo years of work
A ransomware attack locks your systems for a week. A data breach triggers legal action under the Swiss nDSG or the European GDPR. A former employee still has full access to your client files, and nobody noticed. These things happen to companies like yours. Every week.
The IT & Security Health Check shows you exactly where your business is vulnerable, and gives you a concrete plan to fix it before it costs you money, clients, or your reputation.
Book a free discovery call →Why should you care?
Let’s be direct. Security for its own sake doesn’t pay the bills. But a data breach does cost money. A lot of it. The average for a mid-sized company sits above CHF 100,000, and that’s before you count lost clients, legal fees, and the weeks your team spends cleaning up instead of doing their actual work.
The real problem isn’t some dramatic hacking scenario. It’s the quiet stuff that piles up when nobody’s watching:
An IT setup that grew fast without anyone stepping back to check if it still makes sense.
People who left the company months ago, but their accounts are still active.
Backups that exist on paper but have never been tested (would they actually work?).
Sensitive client data sitting in places nobody has mapped.
No plan for what happens when something breaks.
Any one of these can stop your operations, land you in legal trouble, or both. Together, they’re a ticking clock.
Who is this for?
This service is built for companies with 25 to 250 employees that:
Have grown fast and suspect their IT hasn’t kept pace with the business.
Don’t have a dedicated security person or a strategic IT leader in-house.
Want to understand their exposure before an incident forces them to.
Need an honest outside perspective, not from a vendor trying to sell products, but from someone who’s actually sat in the Head of IT chair.
What we look at
The Health Check covers seven areas. Each one ties directly to your ability to keep operating, stay compliant, and protect your business.
1
Infrastructure overview
Is your foundation solid? Or are you running on outdated systems with hidden single points of failure that could take everything down?
2
Identity & access management
Who has access to what? Can a former employee still log in? Could one compromised password give someone the keys to everything?
3
Security fundamentals
Are your devices protected? Are critical updates being applied? Or are you running with known holes that any attacker could walk through?
4
Backup & recovery
If ransomware hit tomorrow, could you actually recover? How much data would you lose? How long would operations be down?
5
Data protection & privacy
Where is your sensitive data? Who can access it? Are you meeting your obligations under the Swiss nDSG or the European GDPR? A gap here can mean fines and lawsuits.
6
Processes & documentation
When someone joins or leaves, is there a reliable process? Or does it depend on one person remembering what to do?
7
Awareness & human factor
Would your employees recognize a phishing email? Do they know what to do if they click one? Human error causes more security incidents than anything else.
How it works
1
Discovery call (30 min, free)
We talk about your business, your concerns, and your current setup. This is to make sure the Health Check is actually the right fit for you, and to focus on what matters most.
2
On-site assessment (1 day)
I spend a full day in your environment. I review systems, talk to your IT team and key people, and see how things actually work in practice, not just what’s written in a policy document. For companies outside of reasonable travel distance, this can be done remotely.
3
Analysis & report (1-2 days)
I put together a clear, structured report. Not a 200-page technical document that nobody reads. A focused 15-to-20-page report written for decision-makers. Every risk is ranked by business impact, so you know what to fix first.
4
Presentation & discussion (1 hour)
I walk your management team through the findings, answer questions, and help you understand the priorities. No jargon, no scare tactics. Just a straight conversation about where you stand and what to do next. On-site or remote, your choice.
What you get
A professional written report, readable by both technical and non-technical people.
A maturity rating across all seven areas, so you see at a glance where you’re solid and where you’re exposed.
A prioritized list of risks, ranked by business impact, not just technical severity.
A practical roadmap with clear next steps and realistic timelines.
Quick wins you can act on right away, with minimal effort and cost.
A follow-up call two weeks after delivery for any remaining questions.
What’s not included
(available as separate engagements)
• Penetration testing or vulnerability scanning
• Implementation of recommended changes
• Legal compliance certification or formal audit
• Ongoing monitoring or managed services
Investment
CHF 4,500
Fixed price, all-inclusive for the scope described above.
• Travel within Switzerland: included (accommodation excluded if an overnight stay is required)
• Travel outside Switzerland: travel costs quoted separately after the discovery call
• Payment terms: 50% upon confirmation, 50% upon report delivery
To put that number in perspective: most companies spend more than this on a single day of unplanned downtime.
What typically happens next
Most clients decide to fix the critical findings from the report. OXIVRA can help with that too:
Implementation projects
Addressing the top priorities, from access management to backup strategy to process automation, so your business is actually protected and your team can get back to real work.
Quarterly reviews
Regular check-ins to make sure things stay on track as your business grows and your environment changes.
Training & awareness
Practical workshops for your team on security, IT policies, and AI adoption, because the best security investment you can make is an informed team.
These are separate engagements, scoped and priced based on your specific situation.
Ready to find out where you stand?
Book a free 30-minute discovery call. No commitment, no pitch. Just an honest conversation about your IT and security.
Book a discovery call →