Cyber Maturity Review - Introductory (25 Questions)
1. Is there a regularly reviewed high level Information Security Policy document in place which has been communicated across your organisation?
Yes
Partially
No
2. Do you have staff who are primarily responsible for information security?
Yes
Partially
No
3. Do you have any control in place to protect organisational information when people use mobile devices?
Yes
Partially
No
4. Is there any control or guidance for remote system access?
Yes
Partially
No
5. Do you conduct background, reference, and mandatory checks before employing staff?
Yes
Partially
No
6. Is there any confidentiality agreement to be mandatorily signed at the time of joining the organisation?
Yes
Partially
No
7. Have you established and implemented training and awareness programs to communicate the information security policy and procedures?
Yes
Partially
No
8. Are users only granted access to information which they are specifically authorised to use?
Yes
Partially
No
9. Do you use strong authentication processes, i.e. access tokens, to access critical applications or systems?
Yes
Partially
No
10. Is there any documented password standard in place to be enforced across your systems?
Yes
Partially
No
11. Do you utilise any encryption methods, such as encryption keys, to protect your sensitive information and data?
Yes
Partially
No
12. Do you keep all your devices, i.e. workstations, servers and network equipment, in secure facilities?
Yes
Partially
No
13. Is there any process in place to control access for visitors across your organisation, including delivery and loading areas?
Yes
Partially
No
14. Are there any UPS or diesel generators to provide continuous power in the event of a power disruption?
Yes
Partially
No
15. Do you maintain separate and distinct software development, testing, and production environments to ensure production information is not accidentally altered or destroyed?
Yes
Partially
No
16. Are there any content filtering systems in place to detect or prevent the use of malicious attachments or websites?
Yes
Partially
No
17. Do you have documented procedures for data backups, to address the lifecycle, storage, encryption, and testing of backups?
Yes
Partially
No
18. Do you have any regularly updated antivirus and/or anti-malware programs in place?
Yes
Partially
No
19. Do you have a documented patch management policy or procedure?
Yes
Partially
No
20. Do you have any policies or controls in place to prevent the unauthorised installation of software?
Yes
Partially
No
21. Do you have any processes in place to manage and monitor the cyber security status of your suppliers?
Yes
Partially
No
22. Do you have a documented plan to manage information security incidents, from identification to containment and response?
Yes
Partially
No
23. Do you have a current Business Continuity Plan and/or a Disaster Recovery Plan?
Yes
Partially
No
24. Do you have a register of applicable compliance obligations related to information security and privacy?
Yes
Partially
No
25. If using cloud infrastructure, is there a contractual and practical capability to access and obtain all data being stored for each cloud service?
Yes
Partially
No