DefendArm SecurityDefendArm SecuritySecurity consulting for business
Self-assessment

Identity Risk Score

Estimate whether identity controls are strong enough for modern SaaS, cloud, and hybrid risk.

IdentityIAMAssessment
Are phishing-resistant MFA options used for administrators and high-risk users?
Are privileged roles reviewed and time-bound?
Are joiner-mover-leaver workflows reliable?
Are break-glass accounts protected and tested?
How to read the score

Use the result to pick the right size of next step.

Each assessment is a quick signal, not a final verdict. A lower score usually means the team needs a focused review soon, a middle score points to a targeted remediation sprint, and a higher score suggests the control set is working but still worth retesting after changes.

View all assessmentsOpen the assessment index
Current stateScore against how the environment works today

Answer for the state you can prove now, not the state you plan to have after a future project lands.

InterpretationUse the score to size the remediation effort

Treat low scores as an indicator for urgent review, mid-range scores as a sign to schedule a short sprint, and stronger scores as a prompt to validate the evidence and keep the controls current.

Follow-throughRetest after the control changes land

The point of the assessment is to give you a before-and-after view that shows whether the next round of work actually improved the risk.