top of page

Get a Clear Picture of Your Cyber Risk with our Free Self-Assessment

Our free assessment tool is designed to help you understand how well your organisation is protected against today's cyber threats.

Based on SMB1001 cyber security standards, after completing the assessment, we'll report back to you and tell you how you stack up against the the bronze, silver and gold standard tiers - so you know exactly where you stand and where you can improve.

SMB1001 certificates
Do you have an IT support specialist to support your business currently?
Yes
No
Is a firewall(s) installed and configured?
Yes
No
Don't know
Is anti-virus software installed on all organisational devices?
Yes
No
Don't know
Are all PCs / laptops automatically updated at least monthly with security patches?
Yes
No
Don't know
Are TLS certificates installed on all public internet-facing websites?
Yes
No
Don't know
Are all servers (if any) updated and patched?
Yes
No
Don't know
N/A
Do you have Endpoint Detection and Response (EDR) implemented?
Yes
No
Don't know
Do you proactively ensure strong password hygiene is maintained?
Yes
No
Don't know
Do employee accounts have admin privileges?
Yes
No
Don't know
Do all users have named individual accounts?
Yes
No
Don't know
Do all users use a password management tool?
Yes
No
Don't know
Is multi-factor authentication (MFA) enforced on all employee email accounts?
Yes
No
Don't know
Is multi-factor authentication (MFA) enforced on all business applications and business social media accounts?
Yes
No
Don't know
If you use Remote Desktop Protocol (RDP) does it use a virtual private network (VPN) connection?
Yes
No
Don't know
Not Applicable
Do all domains used to send organisational email have a correctly configured and valid SPF record that lists every system authorised to send email on your behalf (eg. M365/Google, marketing tools, CRM systems etc.)?
Yes
No
Don't know
Do you have a back-up and recovery solution in place for important digital information (e-mail, files, etc.)?
Yes
No
Don't know
Do you have insurance against cyber-risk?
Yes
No
Don't know
Are all employees, contractors and third party suppliers required to sign a confidentiality agreement upon commencement of work?
Yes
No
Don't know
Does the organisation have a documented Invoice Fraud Prevention Policy that outlines the required procedures for verifying supplier bank account changes, validating authenticity, and reporting suspected fraud attempts?
Yes
No
Don't know
Do you have a visitor register that visitors to your premises must sign in and out of?
Yes
No
Don't know
Does the organisation have an approved, documented cyber security policy that defines minimum security expectations (people, process, technology), assigns accountabilities, and is reviewed at least annually?
Yes
No
Don't know
Does the organisation have a documented Cyber Incident Response Plan that defines how to detect, respond, escalate, communicate, and recover from cyber incidents, and has it been tested (tabletop or live exercise) within the last 12 months?
Yes
No
Don't know
Are physical documents containing sensitive/private/confidential information destroyed using secure methods (e.g., cross‑cut shredding or certified destruction service), and is there a documented procedure for staff to follow?
Yes
No
Don't know
Are all devices that store or may store sensitive/private/confidential information disposed of securely using an approved process (secure wipe or physical destruction), and are disposal actions recorded?
Yes
No
Don't know
Does the organisation maintain an up‑to‑date digital asset register of devices and key systems (hardware, software, cloud services), including owner, purpose, location, and lifecycle status—and is it reviewed on a defined schedule?
Yes
No
Don't know
Does the organisation have an approved, documented policy for the responsible and secure use of AI technology that defines permitted AI tools, acceptable data usage, user responsibilities and security/risk controls?
Yes
No
Don't know
Does the organisation periodically conduct cybersecurity awareness training for all employees?
Yes
No
Don't know
Privacy Notice Acknowlewdgement
I acknowledge and accept the Privacy Notice.

The information submitted through this form will be used solely for the purpose of reviewing your cyber security posture and contacting you regarding the results. We will not sell or share your information with third parties. For more information, please refer to our Privacy Policy.

bottom of page