BUSINESS BASICS CYBER CHECK

BUSINESS BASICS CYBER CHECK

Assessment for SMES

The BUSINESS BASICS CYBER CHECK was developed by our digital risk experts and covers all aspects of cyber risk. It is aimed primarily at small and medium-sized enterprises (SMEs) and is conducted through a simple and user-friendly online survey.

The answers control an algorithm that determines your cyber-security readiness on a scale between 0 points (unprepared) and 100 points (well prepared). These results are aligned with international Cyber Maturity standards to enable comparisons and progress monitoring. A one-page summary and a detailed report with information on measures and improvements is produced covering the following areas:

Management
  • Roles and responsibilities of the management and/or board
  • Guidelines, policies and procedures
Business processes
  • Core and critical business processes
  • Policies including business continuity and disaster recovery
  • Dependencies with (external) parties
IT infrastructure
  • Network structure (including any parts outsourced/handled by third parties)
  • Business effects and business continuity of own IT Infrastructure
  • Security procedures and measures
  • Number of desktops / laptops / servers
  • Intrusion detection software
Applications and systems
  • Availability of applications
  • Access rights
  • Security of applications
  • Third party reliance
  • Encryption and other security measures
Information
  • Data structure
  • Access/user rights
  • Security and encryption
  • Date backup including third party provider
  • Storage and/or processing of personal data
Organisation
  • Standards used/complied to (e.g. ISO 27001, PCI DSS,…)
  • Compliance with standard specifications
  • Previous insurance and claims history
  • Previous cyber attacks
  • Previous effects of cyber attacks, violations or unavailability of systems
  • Provision of IT services for other companies
  • payment processing on behalf of third parties
  • Operating a website and/or an online shop
  • Use of cyber insurance
Personnel and training
  • Training in security, IT and cyber security matters
  • Best Practices for the HR process
    • Recruitment
    • Onboarding
    • Background checks
    • Termination and Revocation of user rights
Logistics
  • Policies and procedures for interaction with internal and external parties within the business process
  • the business impact of an attack on the continued existence of the company, including third-party audits

 

 

We issue a certificate of participation in our BUSINESS BASICS CYBER CHECK.