Know your cyber risk & security posture now?

A+B
C
D
E
F
G
Section A

ORGANIZATIONAL VISION, STRATEGY & DIRECTION

Assesses strategic maturity and intent — evaluating whether your organization has a clear, documented direction aligned with security objectives.

Q1

Does the organization have a documented long-term business vision (3–5 years)?

Q2

Are short‑term (annual) and medium‑term (1–3 year) goals formally defined?

Q3

Is information security explicitly referenced within the organizational vision or strategy?

Q4

Are business goals mapped to technology and security initiatives?

Q5

Are KPIs defined to measure progress against strategic objectives?

Section B

GOVERNANCE & SENIOR MANAGEMENT INVOLVEMENT

Measures leadership ownership and direction — evaluating senior management's commitment to and involvement in cybersecurity governance.

Q1

Does the organization have a formally documented Information Security Policy?

Q2

Are all security policies reviewed and updated at least annually?

Q3

Is there a dedicated Acceptable Use Policy (AUP) for IT resources?

Q4

Does the organization have a documented Data Classification Policy?

Q5

Is there a formal Incident Response Policy and plan in place?

Free Enterprise Security Assessment | Secure Logic Group