The document outlines an Information Security Health Check (ISHC) that will be conducted by we45. The ISHC will include assessing governance, risk and process controls, technical security controls, and security awareness. we45 will perform a risk assessment, diagnose security by understanding business goals and benchmarking against best practices. Process and technology controls will be evaluated. Security awareness will be evaluated through interviews and social engineering tests. The deliverables will include a report of applicable controls, a security assessment report, a maturity dashboard, and an implementation roadmap.