Embedded Files
Strategic Security Leadership - Delivered Your Way
Emfris Limited’s Fractional CISO service provides organizations with flexible, outcome-based access to senior information security expertise. Each engagement is delivered as a discrete work package, scoped for clarity and measurable results.
Example Work Packages & Typical Credits
Below are our most popular Fractional CISO work packages. Each package is assigned a typical credit range (1 credit ≈ 1 day’s advisory effort). Actual credits may vary based on your organization’s size, complexity, and specific requirements.
Work Package
Work Package
Security Architecture Impact Assessment
Description
Description
Assess impact of technology changes on security architecture; includes review, interviews, and reporting.
Typical Credits
Typical Credits
Small: 3 credits
Medium: 4–6 credits
Complex: 7–10 credits
Information Security Policy Review & Recommendations
Review single policy or suite; gap analysis, annotated docs, prioritized recommendations
Small: 3 credits
Medium: 5–7 credits
Complex: 8–12 credits
Security Framework Preparedness Assessment (e.g., ISO 27001)
Partial scope or small org: 5; full readiness for mid-size org: 8–12; large/complex org: 13–20+
Small: 5 credits
Medium: 8–12 credits
Complex: 13–20+ credits
Security Solution Design
Design simple solution (e.g., MFA): 4; complex architecture: 6–8; enterprise-wide: 9–14
Small: 4 credits
Medium: 6–8 credits
Complex: 9–14 credits
Bespoke Implementation Advisory
Advise on one-off security control/process; planning, guidance, handover.
Small: 4 credits
Medium: 7–10 credits
Complex: 11–16 credits
Security Awareness Training
Develop materials and deliver basic session: 3; tailored/multi-session: 4–6; enterprise-wide: 7–10
Small: 3 credits
Medium: 4–6 credits
Complex: 7–10 credits
Incident Response Readiness Assessment
Basic review/playbook: 4; deep-dive, multiple playbooks: 6–8; complex org: 9–14
Small: 4 credits
Medium: 6–8 credits
Complex: 9–14 credits
Board/Executive Cyber Risk Briefing
Prepare briefing: 2; deliver session/Q&A: 3–4; tailored for multiple boards/executives: 5–7
Small: 2 credits
Medium: 3–4 credits
Complex: 5–7 credits
Credits are always linked to defined deliverables, not just time spent. If your needs fall outside these packages, we’re happy to scope a bespoke engagement.
Credits vs. Bespoke Pay-Later Options
Credits vs. Bespoke Pay-Later Options
Credits Model:
Purchase credits up front and draw down for advisory work packages as needed.
Credits can be used flexibly across all Fractional CISO, Cloud, DevOps, and FinOps services.
Unused credits can be rolled over to future engagements or applied to other packages.
This model provides budget certainty, priority access, and streamlined engagement.
Bespoke Pay-Later:
For unique or complex requirements, we offer tailored engagements billed on completion.
Each bespoke engagement is scoped individually, with clear deliverables and pricing.
Ideal for organizations preferring traditional project-based billing or requiring highly customized solutions.
Which is right for you?
Credits are best for organizations seeking flexibility, predictable costs, and the ability to mix and match advisory services.
Bespoke pay-later is ideal for one-off projects, highly specialized needs, or when scoping is required before commitment.
Ready to Get Started?
Ready to Get Started?
Contact Emfris Limited to discuss your security leadership needs, request a tailored proposal, or learn more about our credits and bespoke engagement options.
Page updated
Report abuse