Cybersecurity assessments

Score your cybersecurity in minutes.

Pick an assessment, answer honestly, and get an audit-ready report with prioritised next steps. Each assessment is built by the Cyentrix team and includes auditor-grade guidance on how to test each control and what evidence to collect.

16 assessments across 2 sections
3–15 min each
Audit-ready evidence per question
Pro · free previews on selected assessments

Take the free taster → Browse all assessments

Ransomware

Ransomware Readiness

20 questions · Complete ✓

NIS2

NIS2 Compliance Quick Check

12 questions · 8/12 done

Cloud

Cloud Security Maturity

20 questions · Start →

Cyber posture

Frontline cybersecurity readiness — ransomware, phishing, cloud, crisis response.

Attack Surface & Digital Footprint

What does the internet know about your organisation that you don't? 5 minutes.

13 questions · 4 min Pro

Start →

Cloud Security Maturity

Find gaps in your cloud security posture.

20 questions · 7 min Pro

Start →

Crisis Resilience Assessment

How prepared is your organisation for a cyber crisis?

24 questions · 8 min Pro

Start →

NIST CSF Quick Check

Where you stand against the NIST Cybersecurity Framework 2.0.

24 questions · 8 min Pro

Start →

Phishing Vulnerability Score

How exposed your team is to phishing — and how to fix it.

15 questions · 5 min Pro

Start →

Ransomware Readiness Assessment

How prepared is your organisation for the #1 cyber threat to businesses?

20 questions · 7 min Pro

Start →

Small Business Cyber Posture

A practical 30-question check for SMBs without a dedicated security team.

29 questions · 10 min Free

Start →

Vulnerability Management Maturity

How well does your VM programme find, prioritise, and fix what matters? 5 minutes.

13 questions · 4 min Pro

Start →

Compliance & ITGC

Regulatory and audit-aligned assessments — ISO 27001, NIS2, SOC ITGC, vendor risk.

ISO 27001 A.5 — Organisational Controls

How well your governance, supplier and incident controls map to ISO 27001:2022 Annex A.5.

10 questions · 3 min Pro

Start →

ISO 27001 A.6 — People Controls

Screening, training, NDAs, remote work — all 8 A.6 people controls in 3 minutes.

8 questions · 3 min Pro

Start →

ISO 27001 A.7 — Physical Controls

Perimeter, entry, monitoring, equipment, disposal — the physical side of ISO 27001 in 3 minutes.

10 questions · 3 min Pro

Start →

ISO 27001 A.8 — Technological Controls

Endpoint, identity, network, data, dev, monitoring — A.8 in 4 minutes.

12 questions · 4 min Pro

Start →

ITGC Readiness (SOC / SAS 70)

IT general controls readiness for SOC 1 / SOC 2 (formerly SAS 70) audits — in 4 minutes.

12 questions · 4 min Pro

Start →

NIS2 Compliance Quick Check

Where you stand against the EU NIS2 Directive — in 4 minutes.

12 questions · 4 min Free

Start →

Third-Party / Vendor Risk

How well do you assess, contract, and monitor your suppliers? 5 minutes.

14 questions · 5 min Pro

Start →

TPRM Programme Maturity

How mature is the operating model behind your third-party risk management programme? 4 minutes.

12 questions · 4 min Pro

Start →