Assessment for SMEs

The BUSINESS BASICS CYBER CHECK was developed by our digital risk experts and covers all aspects of cyber risk. It is aimed primarily at small and medium-sized enterprises (SMEs) and is conducted through a simple and user-friendly online survey.

The answers control an algorithm that determines your cyber-security readiness on a scale between 0 points (unprepared) and 100 points (well prepared). These results are aligned with international Cyber Maturity standards to enable comparisons and progress monitoring. A one-page summary and a detailed report with information on measures and improvements is produced covering the following areas:

  • Roles and responsibilities of the management and/or board
  • Guidelines, policies and procedures
Business processes
  • Core and critical business processes
  • Policies including business continuity and disaster recovery
  • Dependencies with (external) parties
IT infrastructure
  • Network structure (including any parts outsourced/handled by third parties)
  • Business effects and business continuity of own IT Infrastructure
  • Security procedures and measures
  • Number of desktops / laptops / servers
  • Intrusion detection software
Applications and systems
  • Availability of applications
  • Access rights
  • Security of applications
  • Third party reliance
  • Encryption and other security measures
  • Data structure
  • Access/user rights
  • Security and encryption
  • Date backup including third party provider
  • Storage and/or processing of personal data
  • Standards used/complied to (e.g. ISO 27001, PCI DSS,…)
  • Compliance with standard specifications
  • Previous insurance and claims history
  • Previous cyber attacks
  • Previous effects of cyber attacks, violations or unavailability of systems
  • Provision of IT services for other companies
  • Payment processing on behalf of third parties
  • Operating a website and/or an online shop
  • Use of cyber insurance
Personnel and training
  • Training in security, IT and cyber security matters
  • Best Practices for the HR process
    • Recruitment
    • Onboarding
    • Background checks
    • Termination and Revocation of user rights
  • Policies and procedures for interaction with internal and external parties within the business process
  • The business impact of an attack on the continued existence of the company, including third-party audits



We issue a certificate of participation in our BUSINESS BASICS CYBER CHECK.