Understand the condition of your information security program

This assessment is a short, focused review of how your business currently approaches information security and where greater clarity would help most. It provides orientation and confidence for decision-making, not a detailed diagnosis.

This assessment is referred to as a Trust Assessment because it looks at how information security actually shows up in day-to-day operations and what level of confidence that supports.

What this assessment is

This assessment looks at observable practices and behaviours across people, process, proof, and partners, using a maturity scale to show where things are stable, emerging, or still informal.

The goal is to establish a clear baseline and support better decisions about what matters most next.

What it covers

The assessment typically considers:

  • how information security shows up in day-to-day operations
  • how clearly roles, routines, and expectations are defined
  • how consistently key practices are followed
  • what evidence exists to support decisions
  • how external partners affect trust and risk

How it works

The assessment uses a maturity matrix to show how each area of the program currently operates, from early and reactive through to stable and resilient.

In many cases, parts of the assessment are completed through guided self-reflection, supported by discussion and interpretation. The focus is on what is observable today, not what is intended or documented.

A simplified view of the TrustHarbor maturity model.

This assessment focuses on understanding where you are today, not what is intended or documented.

What you get

  • a clear view of your current trust and maturity position
  • insight into strengths and areas that need support
  • prioritized areas for improvement
  • a shared language for discussing information security decisions

The assessment is designed to be useful on its own, even if no further work follows.

What it is not

  • not a compliance audit
  • not a certification exercise
  • not a risk assessment
  • not a sales pitch

A risk assessment is a separate step and is often more effective once priorities are clear.

What happens next

After the assessment, you’ll have a clearer view of your current position and options.

For some businesses, that’s enough. For others, it becomes the foundation for a targeted risk assessment or program development work. Any next steps are discussed openly and decided together.

No obligation.