Question Title

* 1. How many staff does your IT team consist of?

Question Title

* 2. Do you have specialised IT Security Staff?

Question Title

* 3. What is your current job title?

Question Title

* 4. Does your organisation adhere to an IT Security framework?

Question Title

* 5. How would you describe your organisations cyber security maturity level?

Question Title

* 6. At this time, where is your data stored?

Question Title

* 7. Has your organisation fully tested your disaster recovery plan in the past 12 months

Question Title

* 8. Do you currently use 2FA or multifactor authentication on your email

Question Title

* 9. Do you currently use either 2FA or multifactor authentication on other applications?

Question Title

* 10. Do you send business emails from personal accounts

Question Title

* 11. What is your current process for managing phishing emails? (Phishing is a scam where a deceptive email message is sent to trick the recipient into revealing personal or confidential information which the scammer can then use illicitly.)

Question Title

* 12. Do you currently have a written Cyber Incident Response plan

Question Title

* 13. Have you fully tested your incident response plan?

Question Title

* 14. Have you ever had an independent party conduct an audit of your computer systems and processes?

Question Title

* 15. Do you have a document classification system in place (i.e. classification of data based on its level of sensitivity, value and criticality to your practice, which assists with security controls for the protection of data)?

Question Title

* 16. How does your practice gain assurance that project delivery partners and other third-party suppliers are compliant with your security policies?

Question Title

* 17. When was the last time your organisation conducted Cyber Security awareness training

Question Title

* 18. Does your organisation currently use a Password Manager

Question Title

* 19. Does your organisation have a cyber insurance policy?

Question Title

* 20. Has your organisation had a cyber incident within the past 12 months

T