Fit4Cybersecurity

Fit4Cybersecurity is a service that includes multiple self-assessment tools. Its main goal is to allow users to quickly assess their information security maturity in different areas that CASES considers critical. Using all these self-assessment tool is anonymous and for free.

Why?

Fit4Cybersecurity is a quick online self-assessment tool helping business owners evaluate their security maturity and enhance their cyber risk protection. This is the first step of a more thorough assessment, that we call a Diagnostic CASES. The latter dives deeper into the organisation’s context, its state of practice and the existing documentation in terms of cybersecurity risk management, with the goal to address gaps with respect to baseline practices.

Complementing Fit4Cybersecurity, Fit4Contract is a similar tool whose aim is to help business owners ensure that contracts (already signed but especially those about to be signed with third parties) for the procurement of ICT services cover the essential information security aspects. The raison d’être of Fit4Contract is that a lot of small non-ICT organisations are often insufficiently prepared to negotiate contract clauses with ICT service providers.

And finally, Fit4Privacy is a third tool in the self-assessment bundle, created in cosultation with the CNPD, with the purpose to give business owners a good initial overview of their maturity in privacy and data protection, as required by the GDPR since May 2018.

How?

To start, go to either one of Fit4cybersecurity, Fit4Contract or Fit4Privacy, and click on the ‘Start’ button with your chosen language to start the survey. You will first have 3 questions related to your current context and the follow-up multiple-choice questions will go in more detail about how your company manages different aspects related to the topic of the questionnaire.

All questions will not take you more than 15 minutes, but if you need to interrupt your assessment, you can just hit the button ‘Continue later’ and your assessment could be resumed later by using the URL address given when your answers were saved.

Advantages

Fit4Cybersecurity is the first quick assessment of your organisation’s approach regarding cybersecurity risks. It can be a simple way to be aware of applicable good practices in information security risks or cybersecurity.

Fit4Contract helps you and your organisation identify if the minimum required clauses concerning Information Security are present in your contracts with your ICT Service providers.

Fit4Privacy gives a good initial impression on how your organisation is handling privacy and data protection, so you have an idea what to look for when reviewing your organisation’s data protection and privacy standing.

After each of these self-assessments, you can download a report in Word format (.docx), get your results from an ID or by using the link provided during the final result page. In this way, you can 1) show and discuss the report with other members of your organisation, and 2) compare your current score with another one in the past using the same tool.