Skip to content

Cyber emergency 24/7 : 1 888 607-8277 (VARS)

About us
Blog
Webinars
Career
Contact

Français

Menu

Virtual CISO
Integrated Solution
Specialized Services
Information Governance
Free Tools
- Online security assessment
- Events & Webinars
Request a Demo
About us
Blog
Contact
Request a Demo
LinkedIn
Français

Close Menu

Discover Your security Posture

See how Vars can help you identify your security gaps and start securing your business.

Discover your security posture
Identify your security gaps
Start securing your business

quizz-gauge-2

Complete the quiz and get a free consultation

You only need 20 minutes. Everything is confidential.

Step 1 of 9 - Information Security Governance / Risk Management:

11%

Information Security Governance / Risk Management:
1.What is your industry?
2. How many employees does your organization have?
3. Do you have a dedicated information security and cybersecurity budget?
- Yes
- No
4. Does your organization have a Chief Information Security Officer (CISO) or dedicated leadership resource responsible for information security?
- Yes
- No
5. How many dedicated information security resources does your organization have?
6. Are their roles and responsibilities clearly defined?
- Yes
- No
- N/A
7. Does your organization have an information security strategy?
- Yes
- No
8. Does your information security strategy align with the business goals and mission?
- Yes
- No
9. Does your organization have documented, approved and executed information security policy?
- Yes
- No

Overall culture around cybersecurity and security awareness:
10. Are the board of directors and/or executive leadership team aware of information security risks?
- Yes
- No
11. Do they participate in information security activities?
- Yes
- No
- N/A
12. Is there a cybersecurity awareness program in place?
- Yes
- No
13. Does your company have a strategy around information security awareness?
- Yes
- No
- N/A
14. Does your company have a strategy around phishing simulation and social engineering testing?
- Yes
- No

Application Security:
15. Do you currently have web applications in your organization?
- Yes
- No
16. Has your organization conducted application security testing in the past 12 months?
- Yes
- No
- N/A
17. Is security embedded into your application development life cycle / SDLC?
- Yes
- No
- N/A

Infrastructure Security:
18. Does your organization ensure all devices that store or process sensitive information at a minimum have access control and anti-malware in place and up to date?
- Yes
- No
19. Does your organization have a strategy and solution in place to detect, prevent and mitigate malicious communications and activities?
- Yes
- No
20. Does your organization have a data classification policy in place and are sensitive data appropriately protected?
- Yes
- No
21. Has your organization conducted a network penetration test or cyber security assessment in the past 12 months?
- Yes
- No

Incident Response / Cyber Resilience:
22. Does your organization have an incident response plan and process in place?
- Yes
- No
23. Does your organization periodically test the incident response plan and process in place?
- Yes
- No
24. Do you have the capability detect, respond, remediate and recover from a cyber security incident?
- Yes
- No
25. Do you have adequate visibility into your network / Is the networking being monitored?
- Yes
- No
26. Do you have a business continuity plan?
- Yes
- No
27. Is information security embedded in your business continuity plan?
- Yes
- No
- N/A

Vulnerability Management:
28. Do you have a vulnerability Management program?
- Yes
- No
29. Are you up to date with patch management?
- Yes
- No
30. Does your organization regularly scan your environment for vulnerability?
- Yes
- No
30. Does your organization regularly scan your environment for vulnerability?
- Yes
- No
31. Does your organization have a remediation policy/plans for vulnerabilities?
- Yes
- No

Regulatory Compliance:
32. Does your organization have to comply with regulations (SOX, PCI, HIPAA, and FISMA)?
- Yes
- No

Third Party Management:
33. Does your organization have a third party risk management program in place?
- Yes
- No
34. Does your organization protect sensitive information received from a third-parties during transmission and at rest (i.e. Encryption, SSL/TLS connections)?
- Yes
- No
35. Does your organization ensure all third parties are protecting your sensitive information?
- Yes
- No

Please fill this form to get your results
First Name*
Last Name*
Title*
Phone*
Email*
Company*
Country*
CAPTCHA

Powered by

Address

National Bank Tower
600 de la Gauchetière Street West, Suite 2000
Montreal (QC) H3B 4L8
Canada

Cyber Emergency

Call our team of experts - 24/7

514-467-3131
1 888 607-VARS (8277)

We use cookies to guarantee you the best experience on our site. If you agree with this feature, please click the OK button on the right. Otherwise, you can manage the configuration of cookies by accessing the settings tab of your browser.Ok Privacy policy