Cyber Security Risk Profile


Answer these questions to assess your company's Cyber Security Vulnerability Risk.

1) Do any of the following apply to your company’s password policy? (Check all that apply)

Use Strong Passwords
Periodically change all passwords
Do not share the master password
None of the above

2) Do your employees use office computers to access social networks for personal reasons?

Yes
No

3) Do your employees connect and use Live Chat systems on ANY social platform using office systems (for work or pleasure)?

Yes
No

4) Do the systems accessing your company network have any of the following operating systems? (Check all that apply)

Windows NT
Windows 2000/2003
Windows XP
Windows 95/98/98SE/ME
None of the above

5) Is all your software kept updated, and is your IT department alerted about outdated software present on your network?

Yes
No

6) Check all that apply to your company’s backup policy:

Incremental backups are taken daily
Servers and workstations are fully backed up once a week
Backups are stored offsite
Backups are encrypted and password protected
None of the above

7) How many employees have access to important company and financial data?

1
2 - 3
4 - 10
More
Only those who access the data as part of their job functions.

8) Do your employees have full access to multiple data systems on your company network?

Yes
No
Limited access to specific data systems, only when their job requires it

9) Check all that apply to your company’s WiFi network below:

Secure, with password protection
Encrypted
Hidden
None of the above

10) Do employees download and use their own software on company office systems?

Yes
No

11) What type of firewall does your company have?

Perimeter Network Firewall
Local device (computing and/or mobile device) firewall
Both
None

12) Which of the following methods do you use to protect highly sensitive data from hackers or prying eyes? (Check all that apply)

Strong Passwords
File Permissions
Encryption

13) Do your employees connect to your company’s network using a range of computing and mobile devices?

Yes
No

14) Do your employees connect to your company’s network using their personal computing and mobile devices?

Yes
No

15) How many employees have access to important company and financial data through their personal computing and/or mobile devices?

1
2 - 3
4 - 10
More
Only those who access the data as part of their job functions.

16) Do you have a Cyber Security policy in place?

Yes
No

17) How do you communicate updates in your cyber security policies to your employees? (Check all that apply)

Through documentation
E-mail
In-person meetings
None of the above

18) Are your employees periodically trained on security requirements related to their job functions?

Yes
No

19) Do you have a dedicated IT Security Person / Team?

Yes
We have an employee managing IT Security, but not as a primary responsibility
Our IT Security function is outsourced to an external contractor
No

20) Do you have auditing in place for important and sensitive data?

Yes
No

21) What types of software are used by your company for your daily business activities? What type of support do you have for them? (Check all that apply)

Licensed proprietary software with full technical support from the vendor
Free / limited version software with limited or no support from the vendor
Open Source software with support available from forums, etc.
Custom made third-party software with service level agreements in place with the vendor
Unlicensed Software

22) Does your company have a policy that manages the use of open source software within your network?

Yes
No

23) Does your company use proprietary software hosted externally with access to sensitive company data?

Yes
No

24) How many levels of authentication (security question, registered email address, etc.) does your password retrieval process have?

1
2
More than 2

25) Do your employees regularly connect to external WiFi networks such as home networks, airports, cafés, etc.?

Yes
No

26) How do you ensure that you keep your security software up to date? (Check all that apply)

Automatic Updates
Regular checks by the IT team, alerts on outdated software
Regular patch management programs

27) Is the use of removable media such as USB drives, CDs, DVDs, etc. restricted within your company network?

Yes
No

28) Are your payment systems secure, and do they comply with the latest payment system security requirements?

Yes
No

29) Are IT and Security policies in your company periodically reviewed, updated and communicated to the employees?

Yes
No

30) Do you have appropriate Disaster Recovery Plans and Risk Management Plans in place with regard to IT security?

Yes
No