Exposure Yes No Unsure
Do you and your employees or customers access your internal system from remote locations and/or work off a wireless network?
Do members of your business take company owned devices (such as laptops, mobile phones, tablets and USB drives) out of the office?
Does your organisation use the cloud to store information?
Are your critical operation systems connected to a public network?
Do you, or any other member of staff, use computers or mobile devices to access bank accounts or transfer money?
Do you store sensitive data on your system such as intellectual property or financial reports that could damage your company if it was stolen?
Do you store sensitive customer or employee information on your system? (Financial information and government-issued ID numbers etc)
Do your employees ever neglect policies around the appropriate use of the internet, emails or their work computer?
Can your building be accessed without the use of an ID card?
Do employees have the option to opt out of network security training at your organisation?
Do employees have the option to use their company-issued devices or computers without creating their own secure password?
Has your IT department ever failed to install software updates or patches?
Would your organisation lose critical information in the event of a system failure or other network issue?
Could your business be sustained beyond 10 days without access to business-critical information?
Has your business or organisation neglected to review its cyber security procedure in the last year?