• FortiTech Security Questionnaire

    This questionnaire is comprised of 7 sections and is designed to assist in the assessment of your current technology security. It should take approximately 10-15 minutes to complete. Once you have submitted your completed questionnaire we will be in touch to discuss your results.If you have any issues completing it, please call us on 1300 778 078.
  •  -
  • Is there a single person responsible for your data security?*
  • Do you have a technology roadmap or strategic plan?*
  • Do you have a notifiable data breach plan?*
  • Do you have a business continuity plan?*
  • Do you have a cyber security policy?*
  • Do you have a social media policy?*
  • Do you have an IT acceptable use policy?*
  • Do you have a 'password' policy?*
  • Do you have a sub-contractor access policy?*
  • Do you have an onboarding/off boarding procedure for staff?*
  • Do you have any known compliance obligations?*
  • Do you have cyber liability insurance?*
  • Do you get regular security audits and/or penetration tests?*
  • Do you have a monitored security alarm system?*
  • Do you use key card access?*
  • Is your company IT equipment in a locked room or rack?*
  • Do you have power protection (UPS) in place for your technology equipment?*
  • Is any part of your office accessible to members of the public?*

  • Network Perimeter

  • Do you use a hardware firewall in your office?*
  • Do you have an email filter or anti-spam service?*
  • Do you have staff that work remotely? i.e. from home or on the road?*
  • Do you use a Virtual Private Network (VPN) to connect remotely?*

  • Wi-Fi

  • Which security protocol do you use for your company Wi-Fi?*
  • Do you allow guest and public use of your company Wi-Fi?*

  • Device Security

  • Do you have endpoint antivirus software?*
  • Do you use endpoint security risk monitoring?*
  • Are your devices set with default passwords?*
  • Are applications locked down? (i.e. macros turned off)*
  • Is your software and hardware automatically patched/updated?*
  • Do you undertake Security Awareness Training for staff, management and boards?*
  • Do you restrict access to any websites? E.g. Facebook, Gambling, Adult sites etc*
  • Do staff have the ability to install software themselves?*
  • Do you use multifactor authentication?*
  • Is it SMS based?*
  • Do you manage your 'passwords' using third party tools such as LastPass?*
  • Do you have a server onsite?*
  • Is it backed up?*
  • In the event of a server failure can you be back up and running in an hour?*
  • Do you use cloud applications?*
  • Are they backed up?*
  • Does your business take credit card payments?*
  • Do you have an equipment asset register?*
  • Is all of your technology equipment still under warranty?*
  • Are you aware of any stolen or lost login credentials? i.e. usernames and passwords*
  • Has your business previously been the target of a cyber-attack?*
  • Should be Empty: