What does the IT assessment cost?

It is free. Fusion Computing's 168-point IT assessment is delivered at no cost to qualified Canadian businesses with 10 to 150 employees. You receive the full written report whether you become a client or not.

How long does the IT assessment take?

Most IT assessments take about two weeks from kickoff to report delivery. We handle the data gathering, then deliver the written report shortly after.

What is the difference between an IT business assessment and a cybersecurity assessment?

The IT business assessment is broad and free: a 168-point survey across security, infrastructure, operations, IT spending, and organizational readiness. The Cybersecurity Gap Assessment is the focused, paid engagement (typically $2,500 to $6,500, fixed-fee) that goes control-by-control against CIS Controls v8.1 with evidence collection and an insurer-ready report. Start broad with the free assessment; commission the gap assessment where it flags security risk.

Do I need to be a Fusion client to get an assessment?

No. The IT assessment is a standalone engagement. You can act on the findings with Fusion, hand the report to your existing provider, or build an internal plan. The report is yours.

What frameworks does the assessment follow?

Fusion Computing's IT assessment is mapped to CIS Controls v8.1, CyberSecure Canada, and CPCSC. These are the frameworks that insurers, auditors, and compliance reviewers recognize.

Free IT business assessment

Free 168-Point IT Assessment

A CISSP-led, framework-mapped review of your security, infrastructure, compliance, backup, and IT spend. No sales pitch, the written report is yours to keep.

168 checkpoints scored against CIS Controls v8.1
Risk-ranked findings plus a 30/60/90-day plan
Written report in about two weeks
Yours to keep, even if you never hire us

See managed IT services →

Available across Toronto, Hamilton, Vancouver, and remotely Canada-wide. A senior consultant replies within one business day.

Why teams trust the Fusion assessment

50 Best Managed IT
Named two years running, 2024 and 2025
4.9 on Google
93% first-contact resolution
500+ Canadian SMBs
Supported since 2012
CISSP-led
Mapped to CIS Controls v8.1

What we review

168 checkpoints across six areas

A full review of your technology environment, written for decision-makers, not just technicians.

Security gaps
MFA coverage, endpoint protection, and email filtering scored against CIS Controls v8.1, with the specific gaps insurers flag at renewal named directly, not a generic pass or fail.
Compliance readiness
Where you actually stand on PIPEDA, CyberSecure Canada, and any sector rule that applies, mapped to the evidence an auditor or underwriter asks to see.
Infrastructure health
Server age, network design, cloud setup, and hardware past end-of-life, with a replacement timeline so nothing critical fails on a Friday afternoon.
Network performance
Bandwidth, segmentation, wireless coverage, and the single points of failure that take a whole office offline the moment they go down.
Backup and disaster recovery
Whether your backups restore and not just run, your real recovery time, and the immutable offsite copy insurers now require to bind coverage.
IT spending
License overlap, unused SaaS, and a 3-year budget forecast, where the Microsoft 365 license-waste line alone often funds the whole remediation plan.

The deliverable

A board-readable report in about two weeks

The output is a written report with findings, risk scores, and a list of fixes ranked by business impact. It is built for decision-makers, and it is yours to keep, hand it to another provider or use it to build your own plan.

The methodology is anchored to ITIL 4 and ISO/IEC 20000-1 service management, with CCCS baseline controls and CIS Controls v8.1 used to score the security overlay, so the report reads in the language an internal auditor, an insurer, or an incoming CIO already knows.

Why it matters now

The evidence Canadian SMBs are missing

IBM Cost of a Data Breach, 2025
$6.98M average Canadian breach
A documented assessment is the entry point for the controls insurers and regulators now require.
Read more
Statistics Canada, 2023
Only 59% identify cyber risk
Four in ten Canadian businesses run with no documented risk register or control-framework mapping.
Read more
Gartner, 2024
25%+ SaaS overspend by 2027
A licensing audit routinely surfaces six-figure reclamation in 50-user environments before new spend.
Read more
CIRA Cybersecurity Survey, 2025
24% hit by ransomware
Most SMBs lack the evidence package CyberSecure, PIPEDA, and underwriters request at renewal.
Read more

Who it is for

You do not need to be in crisis

Most teams that book an assessment share one of these four situations.

Your IT person left
Nobody knows what is configured, what is licensed, or what is exposed, and the documentation walked out the door with them.
You are growing fast
What worked for 20 people breaks at 80. Find the constraints before they turn into outages and emergency spend.
You had an incident
Ransomware, data loss, or extended downtime, and you need to know what else is exposed before it happens again.
You are preparing for compliance
A contract, a cyber-insurance renewal, or an audit needs documented proof of security maturity, on a deadline.

How it works

Three steps, no obligation

The report is yours regardless of what you decide afterward.

1. Initial conversation
A 30-minute call to learn your environment, your concerns, and what triggered the review. No prep needed on your end.
2. 168-point review
Our team runs the full assessment across all 168 checkpoints and handles the data gathering while your team keeps working.
3. Written report in ~2 weeks
A prioritized 15-to-20-page report with findings, risk scores, and a 30/60/90 plan. We walk you through it, then you decide.

What our clients say

“I called Fusion in a panic at 9pm on a Friday. By Monday morning our team walked in and got back to work like nothing happened. Every file recovered. No ransom paid.”
SM
Sandra M.
CEO, Industrial Supply Company, Mississauga
“We went from 35 to 70 employees in under a year. Every new hire needed a laptop, accounts, and security configured within 48 hours. Fusion handled every onboarding without us having to micromanage it.”
PR
Priya R.
Operations Director, GTA

CISSP-led leadership

Mike Pearlstein, CISSP, Founder of Fusion Computing

Mike has led IT strategy and security assessments for Canadian businesses since 2012. “In about 80% of the assessments we do, the business is overpaying for something they do not need and underspending on something critical, most often a backup solution that has not been tested in two years.”

CISSPSince 2012CIS Controls v8.1ITIL 4 / ISO 20000

Frequently asked questions

Your free IT assessment

Tell us about your environment and a senior consultant follows up within one business day. Include your user count and primary concern, security, downtime, compliance, or growth, so we can prepare.

Book your free assessment Explore managed IT

Explore more:Cybersecurity assessment·AI readiness assessment

Free 168-Point IT Assessment

Book a Consultation

168 checkpoints across six areas

Security gaps

Compliance readiness

Infrastructure health

Network performance

Backup and disaster recovery

IT spending

A board-readable report in about two weeks

The evidence Canadian SMBs are missing

$6.98M average Canadian breach

Only 59% identify cyber risk

25%+ SaaS overspend by 2027

24% hit by ransomware

You do not need to be in crisis

Your IT person left

You are growing fast

You had an incident

You are preparing for compliance