Technical security audit with external security scan, web application penetration test, and test of the email infrastructure as well as a review of the firewall rules and conducting awareness training