"*" indicates required fields
Section 7: Company Information
Full Name
*
Job Title
*
Organisation Name
*
Email
*
Phone
*
Can you provide a description of the company?
How many workers do you have in total?
Section 1: Perimeter Security
Q1. Do you use a business-grade router or advanced firewall?
*
Yes
No
Not sure
Q2. Do you update your firewall/router firmware?
*
Yes
No
Not sure
Q3. Do you allow remote access to your network?
*
Yes
No
Not sure
Q4. If you answered yes, is it protected by one of these methods?
*
None
MFA with a strong password (12 characters alphanumeric, avoiding common passwords)
IP Lockdown
Q5. Do you use DNS or Web filtering to block access to malicious websites?
*
Yes
No
Section 2: Identity & Access Management
Q1. Do you use MFA across your organization?
*
Yes
Partially
No
Q2. Do you have a password policy or use a password manager?
*
Yes
No
Not Sure
Q3. How do employees access systems?
*
VPN
Cloud-based logins
Onsite
Remote Desktop
Q4. Do you have a process for adding, modifying, and removing user accounts when employees join, change roles, or leave?
*
Yes
No
Section 3: Endpoint & Device Security
Q1. Do you have antivirus installed on all devices (including servers)?
*
Yes, traditional antivirus
Advanced antivirus EDR/MDR
None
Q2. Are devices centrally managed (Intune/MDM/RMM)?
*
Yes
No
Q3. Are employees allowed to use personal devices for work?
*
No
Yes
Q4. When users walk away from their devices, do they automatically lock within 15 minutes?
*
Yes
No
Q5. Do you separate user accounts and admin accounts?
*
Yes
No
Q6. Are all endpoints encrypted to protect data in case of device theft or loss?
*
Yes
No
Q7. Are all devices and software (OS, apps, etc.) regularly updated within 14 days of a security patch being released?
*
Yes
No
Section 4: Cloud & Email Security
Q1. Which cloud service do you use? For example, Microsoft 365 or Google Workspace / G Suite.
*
Q2. Is email threat protection/spam filtering enabled?
*
Yes
No
Not Sure
Q3. Have you implemented DLP policies?
*
Yes
No
Not Sure
Section 5: User Awareness
Q1. Do you provide regular security awareness training to your employees?
*
Yes
No
Not Sure
Q2. Do you conduct phishing simulations to test and improve employee awareness of phishing attacks?
*
Yes
No
Not Sure
Q3. Do employees know how to report suspicious activities or potential security incidents?
*
Yes
No
Section 6: Incident Response & Testing
Q1. Do you perform regular backups of critical systems?
*
Yes
No
Q2. Do you have an incident response/disaster recovery plan?
*
Yes
Partially
No
Q3. Have you experienced a cybersecurity incident?
*
Yes
No
Q4. Do you conduct regular vulnerability scans or penetration tests?
*
Yes
No