ASSESS
EDUCATE
PREVENT
PROTECT
Log In
%
Home
Our Process
Our Services
Assessments
Strategy
Analysis
Recommendations
Solutions
Industries
Contact Us
More
Use tab to navigate through the menu items.
What's Your SCORE?
Security Compliance and Operational Risk Exposure
(None of your data will be stored without your express consent)
Please select your primary industry:
Education
Energy
Government
Finance
Health Services
Insurance
IT (or related)
Legal
Marketing
Real Estate
Transportation
Emergency Services
Please check all the types of systems and data that apply:
Information Technology (enables business ops)
Operational Technology (enables buisness ops)
Intellectual Property
Payment Card Information (PCI)
Personal Identifiable Information (PII)
Protected Health Information (PHI)
Controlled Unclassified Information (CUI)
Internal or Customer Financial Data
NEXT
Do you have an inventory?
Yes
No
When was your inventory last reviewed, updated or verified ?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
Does your inventory include....
Systems (physical or virtual)?
Endpoints (fixed and mobile)?
Networking Devices?
Applications and Software?
Databases?
Peripherals (printers, scanners, external storage)?
NEXT
ARCHITECTURE - do you have network diagrams with dataflows and connections?
Yes
No
ARCHITECTURE - when were your network diagrams last reviewed, updated or verified ?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
STRATEGY - do you have an IT and/or Cybersecurity Strategy?
Yes
No
STRATEGY - When was was your IT and/or Cybersecurity strategy last updated?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
AUDITS - have you had an IT and/or Cybersecurity Audit?
Yes
No
AUDITS - When was the most recent one conducted?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
AUDITS - what was the type of the MOST RECENT audit?
FISMA
HIPAA
ISO 27001
NIST SP 800-171
PCI DSS
SOC2
SOX
AUDITS - where all findings addressed?
Yes
No
TESTING - have you conducted penetration or vulnerability testing?
Yes
No
TESTING - When was the most recent one conducted?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
TESTING - where all findings addressed?
Yes
No
CONTINUITY OF OPERATIONS - Have you conducted Incident Response (IR)/Disaster Recovery (DR) testing?
Yes
No
CONTINUITY OF OPERATIONS - When was the most recent one conducted?
Within the last 6 months
Over 6 months ago but less than 1 year
Over 1 year ago
CONTINUITY OF OPERATIONS - where all findings addressed?
Yes
No
CYBERSECURITY INSURANCE - Do you have an insurance policy in case of cyber attack or data breach?
Yes
No
CYBERSECURITY INSURANCE - When was it most recently updated?
Within the last 6 months
Over 6 months ago but less than 1 year
over 1 year ago
