2024-12-29 03:44:52 +01:00
{% extends "base.html" %}
{% block content %}
< div class = "container" >
< div class = "row" >
< div class = "col" >
< div class = "text-center" >
< img src = "/static/img/steps-line.svg" class = "img-fluid mt-3" alt = "Steps image" >
< / div >
< h1 class = "pt-4 mb-4" > Risk Assessment Questions< / h1 >
< hr >
< form method = "post" >
2025-04-24 12:53:26 +02:00
{% if form.errors %}
< div class = "alert alert-danger" >
2025-05-06 18:59:29 +02:00
< ul class = "mb-0" >
{% for field in form %}
{% for error in field.errors %}
< li > < strong > {{ field.label }}:< / strong > {{ error }}< / li >
{% endfor %}
{% endfor %}
{% for error in form.non_field_errors %}
< li > {{ error }}< / li >
{% endfor %}
< / ul >
2024-12-29 03:44:52 +01:00
< / div >
2025-04-24 12:53:26 +02:00
{% endif %}
{% csrf_token %}
<!-- Organization Name & Email -->
2024-12-29 03:44:52 +01:00
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q0" >
< label class = "form-label mt-3" > Organization Name and Your Email:< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
2025-04-24 12:53:26 +02:00
< input type = "text" class = "form-control mb-3" id = "name" name = "name" placeholder = "Organization Name" required >
< input type = "email" class = "form-control" id = "email" name = "email" placeholder = "Your Email" required >
2024-12-29 03:44:52 +01:00
< / div >
2025-04-24 12:53:26 +02:00
< small class = "form-text text-muted py-3" >
Enter the organization name and your email address. Both fields are required to continue.
< / small >
2025-05-06 18:59:29 +02:00
< div id = "org-email-error" class = "text-danger py-2" > < / div >
2024-12-29 03:44:52 +01:00
< / div >
<!-- Employee Headcount -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q1" >
< label class = "form-label mt-3" > Employee Headcount:< / label >
< small class = "form-text text-muted" >
Select one range - Scale factor for internal user base & potential insider risk
< / small >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-1-50" value = "1-50" required >
< label class = "form-check-label" for = "employees-1-50" > 1 - 50< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-51-250" value = "51-250" >
< label class = "form-check-label" for = "employees-51-250" > 51 - 250< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-251-1000" value = "251-1000" >
< label class = "form-check-label" for = "employees-251-1000" > 251 - 1,000< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-1001-5000" value = "1001-5000" >
< label class = "form-check-label" for = "employees-1001-5000" > 1,001 - 5,000< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-5001-10000" value = "5001-10000" >
< label class = "form-check-label" for = "employees-5001-10000" > 5,001 - 10,000< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "employee_headcount" id = "employees-10000plus" value = "10000+" >
< label class = "form-check-label" for = "employees-10000plus" > 10,000+< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Helps determine the scale of IT infrastructure and security
needs based on user volume.< / small >
< / div >
<!-- Annual Revenue -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q2" >
< label class = "form-label mt-3" >
Annual Revenue Range:
< br >
< small class = "form-text text-muted" >
Select one range - Indicates scale, potential financial impact, and attractiveness
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-under-10m" value = "under-10m" required >
< label class = "form-check-label" for = "revenue-under-10m" > < $10 Million< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-10m-250m" value = "10m-250m" >
< label class = "form-check-label" for = "revenue-10m-250m" > $10M - $250 Million< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-250m-1b" value = "250m-1b" >
< label class = "form-check-label" for = "revenue-250m-1b" > $250M - $1 Billion< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-1b-5b" value = "1b-5b" >
< label class = "form-check-label" for = "revenue-1b-5b" > $1B - $5 Billion< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-above-5b" value = "above-5b" >
< label class = "form-check-label" for = "revenue-above-5b" > > $5 Billion< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "annual_revenue" id = "revenue-non-profit" value = "non-profit" >
< label class = "form-check-label" for = "revenue-non-profit" > Not Applicable / Non-Profit< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Indicates available resources for cybersecurity investments
and
helps assess risk appetite.< / small >
< / div >
<!-- Critical Business Applications -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q3" >
2024-12-29 03:44:52 +01:00
< label class = "form-label mt-3" > How many critical business applications do your employees use
daily?< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "critical_applications" id = "apps-1-5" value = "1-5"
required>
< label class = "form-check-label" for = "apps-1-5" > 1-5< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "critical_applications" id = "apps-5-20"
value="5-20">
< label class = "form-check-label" for = "apps-5-20" > 5-20< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "critical_applications" id = "apps-more-than-20"
value="more-than-20">
< label class = "form-check-label" for = "apps-more-than-20" > More than 20< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "critical_applications" id = "apps-unknown"
value="unknown">
< label class = "form-check-label" for = "apps-unknown" > I don't know< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Reveals the complexity of your technology landscape and
potential attack surface.< / small >
< / div >
<!-- Regulatory Frameworks -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q4" >
< label class = "form-label mt-3" >
Applicable Regulatory / Compliance Frameworks:
< br >
< small class = "form-text text-muted" >
Select all applicable - Indicates compliance burden & potential fines/penalties
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-gdpr" value = "gdpr" >
2024-12-29 03:44:52 +01:00
< label class = "form-check-label" for = "compliance-gdpr" > GDPR< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-ccpa" value = "ccpa" >
< label class = "form-check-label" for = "compliance-ccpa" > CCPA / CPRA< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-cra" value = "cra" >
< label class = "form-check-label" for = "compliance-cra" > CRA (Cyber Resilience Act)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-nis2" value = "nis2" >
< label class = "form-check-label" for = "compliance-nis2" > NIS2< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-hipaa" value = "hipaa" >
2024-12-29 03:44:52 +01:00
< label class = "form-check-label" for = "compliance-hipaa" > HIPAA< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-pci-dss" value = "pci-dss" >
< label class = "form-check-label" for = "compliance-pci-dss" > PCI-DSS< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-sox" value = "sox" >
2024-12-29 03:44:52 +01:00
< label class = "form-check-label" for = "compliance-sox" > SOX< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-cmmc" value = "cmmc" >
< label class = "form-check-label" for = "compliance-cmmc" > CMMC< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-energy" value = "energy" >
< label class = "form-check-label" for = "compliance-energy" > Specific Energy Regulations (e.g., NERC CIP)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-financial" value = "financial" >
< label class = "form-check-label" for = "compliance-financial" > Specific Financial Regulations (DORA)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-none" value = "none" >
< label class = "form-check-label" for = "compliance-none" > None / Primarily Best Practices Driven< / label >
2024-12-29 03:44:52 +01:00
< / div >
2025-05-12 20:46:17 +02:00
< div class = "form-check other-gap" >
< div class = "other-row" >
< input class = "form-check-input" type = "checkbox" name = "compliance_frameworks" id = "compliance-other" value = "other" >
< label class = "form-check-label ms-2" for = "compliance-other" > Other Industry-Specific Regulations:< / label >
< / div >
< input type = "text" class = "form-control mt-2" name = "compliance_frameworks_other" id = "compliance-frameworks-other-text" placeholder = "Please specify" >
< / div >
2024-12-29 03:44:52 +01:00
< / div >
< small class = "form-text text-muted py-3" > Identifies mandatory security controls and compliance
requirements that must be implemented.< / small >
< / div >
<!-- Industry Sector -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q5" >
< label class = "form-label mt-3" >
Primary Industry Sector:
< br >
< small class = "form-text text-muted" >
Select one - Indicates typical threat actors & regulatory environment
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
2025-04-24 12:53:26 +02:00
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-financial" value = "financial" required >
< label class = "form-check-label" for = "industry-financial" > Financial Services / Insurance< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-healthcare" value = "healthcare" >
< label class = "form-check-label" for = "industry-healthcare" > Healthcare / Pharmaceuticals< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-technology" value = "technology" >
< label class = "form-check-label" for = "industry-technology" > Technology / Software / Telecommunications< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-retail" value = "retail" >
< label class = "form-check-label" for = "industry-retail" > Retail / E-commerce< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-manufacturing" value = "manufacturing" >
< label class = "form-check-label" for = "industry-manufacturing" > Manufacturing / Industrial< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-government" value = "government" >
< label class = "form-check-label" for = "industry-government" > Government / Public Sector< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-energy" value = "energy" >
< label class = "form-check-label" for = "industry-energy" > Energy / Utilities< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-education" value = "education" >
< label class = "form-check-label" for = "industry-education" > Education< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-professional" value = "professional" >
< label class = "form-check-label" for = "industry-professional" > Professional Services (Consulting, Legal, Accounting)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-media" value = "media" >
< label class = "form-check-label" for = "industry-media" > Media / Entertainment< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-transportation" value = "transportation" >
< label class = "form-check-label" for = "industry-transportation" > Transportation / Logistics< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-hospitality" value = "hospitality" >
< label class = "form-check-label" for = "industry-hospitality" > Hospitality / Travel< / label >
< / div >
2025-05-12 20:46:17 +02:00
< div class = "form-check other-gap" >
< div class = "other-row" >
< input class = "form-check-input" type = "radio" name = "industry_sector" id = "industry-other" value = "other" >
< label class = "form-check-label ms-2" for = "industry-other" > Other:< / label >
< / div >
< input type = "text" class = "form-control mt-2" name = "industry_sector_other" id = "industry-sector-other-text" placeholder = "Please specify" >
2025-04-24 12:53:26 +02:00
< / div >
< / div >
< small class = "form-text text-muted py-3" >
Determines industry-specific threats, regulations, and security best practices applicable to your business.
< / small >
2024-12-29 03:44:52 +01:00
< / div >
<!-- IT Dependency -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q6" >
< label class = "form-label mt-3" >
Business Operations Dependence on Technology:
< br >
< small class = "form-text text-muted" >
Select the statement describing impact of 24-hour core IT outage - Direct measure of operational risk
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
2025-04-24 12:53:26 +02:00
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "it_dependency" id = "it-minimal" value = "minimal" required >
< label class = "form-check-label" for = "it-minimal" >
Minimal Disruption: Operations largely continue manually.
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "it_dependency" id = "it-significant" value = "significant" >
< label class = "form-check-label" for = "it-significant" >
Significant Operational Impact: Core processes severely hindered.
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "it_dependency" id = "it-major" value = "major" >
< label class = "form-check-label" for = "it-major" >
Major Revenue Loss / Service Delivery Failure: Critical functions cease.
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "it_dependency" id = "it-continuity" value = "continuity-threatened" >
< label class = "form-check-label" for = "it-continuity" >
Business Continuity Threatened: Organization cannot function.
< / label >
< / div >
2024-12-29 03:44:52 +01:00
< / div >
< small class = "form-text text-muted py-3" > Measures the potential business impact of IT disruptions
and
helps prioritize security investments.< / small >
< / div >
2025-04-24 12:53:26 +02:00
<!-- Sensitive Data Level -->
< div class = "mb-3 question" id = "q7" >
< label class = "form-label mt-3" >
Sensitive Data Handled:
< br >
< small class = "form-text text-muted" >
Select all applicable categories - Core risk driver
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-customer-pii" value = "customer-pii" >
< label class = "form-check-label" for = "data-customer-pii" > Customer Personally Identifiable Information (PII - e.g., names, addresses, email)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-employee-pii" value = "employee-pii" >
< label class = "form-check-label" for = "data-employee-pii" > Employee Personally Identifiable Information (PII)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-phi" value = "phi" >
< label class = "form-check-label" for = "data-phi" > Protected Health Information (PHI)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-pci" value = "pci" >
< label class = "form-check-label" for = "data-pci" > Payment Card Industry Data (PCI-DSS Scope)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-financial" value = "financial" >
< label class = "form-check-label" for = "data-financial" > Confidential Financial Information (Non-PCI)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-ip" value = "ip" >
< label class = "form-check-label" for = "data-ip" > Intellectual Property / Trade Secrets / R& D Data< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-strategy" value = "strategy" >
< label class = "form-check-label" for = "data-strategy" > Sensitive Business Strategy / M& A Data< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-gov" value = "government" >
< label class = "form-check-label" for = "data-gov" > Government Classified / Controlled Unclassified Information (CUI)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-ot" value = "ot" >
< label class = "form-check-label" for = "data-ot" > Critical Operational Technology (OT) Data< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "sensitive_data" id = "data-none" value = "none" >
< label class = "form-check-label" for = "data-none" > None / Minimal Sensitive Data Handled< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Assesses the potential impact of data breaches and
determines
required security controls.< / small >
< / div >
2025-04-24 12:53:26 +02:00
<!-- Overall Sensitivity Level of Data Processed -->
< div class = "mb-3 question" id = "q8" >
< label class = "form-label mt-3" >
Overall Sensitivity Level of Data Processed:
< br >
< small class = "form-text text-muted" >
Select one - Subjective rating of value/impact
< / small >
< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "data_sensitivity" id = "sensitivity-low" value = "low" required >
< label class = "form-check-label" for = "sensitivity-low" >
Low (Primarily public or non-sensitive internal data)
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "data_sensitivity" id = "sensitivity-medium" value = "medium" >
< label class = "form-check-label" for = "sensitivity-medium" >
Medium (Some confidential business data, basic PII)
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "data_sensitivity" id = "sensitivity-high" value = "high" >
< label class = "form-check-label" for = "sensitivity-high" >
High (Significant PII/PHI, Financial Data, Critical IP)
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "data_sensitivity" id = "sensitivity-very-high" value = "very-high" >
< label class = "form-check-label" for = "sensitivity-very-high" >
Very High (Large volumes of highly sensitive data, regulated data, "crown jewel" IP)
< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" >
Subjective rating of the value and impact of the data your organization processes.
< / small >
< / div >
<!-- Intellectual Property (IP) Value -->
2024-12-29 03:44:52 +01:00
< div class = "mb-3 question" id = "q9" >
2025-04-24 12:53:26 +02:00
< label class = "form-label mt-3" >
Intellectual Property (IP) Value:
< br >
< small class = "form-text text-muted" >
Select best description of IP's importance to the business model
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "ip_value" id = "ip-value-low" value = "low" required >
< label class = "form-check-label" for = "ip-value-low" >
Low: IP is not a significant differentiator or revenue driver.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "ip_value" id = "ip-value-medium" value = "medium" >
< label class = "form-check-label" for = "ip-value-medium" >
Medium: IP provides some competitive advantage or supports core products.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "ip_value" id = "ip-value-high" value = "high" >
< label class = "form-check-label" for = "ip-value-high" >
High: IP is a primary source of competitive advantage and revenue.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "ip_value" id = "ip-value-critical" value = "critical" >
< label class = "form-check-label" for = "ip-value-critical" >
Critical: Business model is fundamentally based on unique, high-value IP.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
2025-04-24 12:53:26 +02:00
< small class = "form-text text-muted py-3" >
Indicates the strategic importance of intellectual property to your organization.
< / small >
2024-12-29 03:44:52 +01:00
< / div >
<!-- Remote Workforce Percentage -->
< div class = "mb-3 question" id = "q10" >
< label class = "form-label mt-3" > What percentage of your workforce operates remotely?< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "remote_workforce_percentage" id = "remote-none" value = "none"
required>
< label class = "form-check-label" for = "remote-none" > None< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "remote_workforce_percentage" id = "remote-1-10"
value="1-10">
< label class = "form-check-label" for = "remote-1-10" > 1-10%< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "remote_workforce_percentage" id = "remote-above-10"
value="above-10">
< label class = "form-check-label" for = "remote-above-10" > Above 10%< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "remote_workforce_percentage" id = "remote-unknown"
value="unknown">
< label class = "form-check-label" for = "remote-unknown" > I don't know< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Evaluates remote access security requirements and potential
exposure to external threats.< / small >
< / div >
<!-- Third - Party Vendor Access -->
< div class = "mb-3 question" id = "q11" >
< label class = "form-label mt-3" > How many third-party vendors have access to your systems?< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "third_party_vendor_access" id = "vendor-none"
value="none" required>
< label class = "form-check-label" for = "vendor-none" > None< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "third_party_vendor_access" id = "vendor-1-5"
value="1-5">
< label class = "form-check-label" for = "vendor-1-5" > 1-5< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "third_party_vendor_access" id = "vendor-more-than-5"
value="more-than-5">
< label class = "form-check-label" for = "vendor-more-than-5" > More than 5< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "third_party_vendor_access" id = "vendor-unknown"
value="unknown">
< label class = "form-check-label" for = "vendor-unknown" > I don't know< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Assesses supply chain risk and the need for vendor security
management.< / small >
< / div >
<!-- Internal Software Development -->
< div class = "mb-3 question" id = "q12" >
2025-04-24 12:53:26 +02:00
< label class = "form-label mt-3" >
Internal Software Development for Critical Applications:
< br >
< small class = "form-text text-muted" >
Select one - Potential for introducing vulnerabilities
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "internal_software_development" id = "dev-none" value = "none" required >
< label class = "form-check-label" for = "dev-none" >
No internal development of critical business applications.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "internal_software_development" id = "dev-some" value = "some" >
2025-04-24 12:53:26 +02:00
< label class = "form-check-label" for = "dev-some" >
Yes, some critical business applications are developed internally.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
2025-04-24 12:53:26 +02:00
< / div >
< small class = "form-text text-muted py-3" > Determines the need for secure development practices and
application security measures.< / small >
< / div >
<!-- IT Infrastructure Model -->
< div class = "mb-3 question" id = "q13" >
< label class = "form-label mt-3" > What is your primary IT infrastructure model?< / label >
< hr >
< div class = "pb-3" >
2024-12-29 03:44:52 +01:00
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "it_infrastructure" id = "it-on-prem"
value="on-premises">
< label class = "form-check-label" for = "it-on-prem" > On-premises systems< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "it_infrastructure" id = "it-cloud"
value="cloud-based">
< label class = "form-check-label" for = "it-cloud" > Cloud-based systems< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "it_infrastructure" id = "it-hybrid"
value="hybrid">
< label class = "form-check-label" for = "it-hybrid" > Hybrid infrastructure< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "it_infrastructure" id = "it-legacy"
value="legacy">
< label class = "form-check-label" for = "it-legacy" > Legacy systems< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "it_infrastructure" id = "it-modern"
value="modern">
< label class = "form-check-label" for = "it-modern" > Modern architecture< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
2025-04-24 12:53:26 +02:00
< small class = "form-text text-muted py-3" > Determines specific cybersecurity controls.< / small >
2024-12-29 03:44:52 +01:00
< / div >
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q14" >
2024-12-29 03:44:52 +01:00
2025-04-24 12:53:26 +02:00
< label class = "form-label mt-3" > We currently have sufficient information to prepare a basic report. However, providing additional details will help enhance the accuracy and depth of the final report. Would you like to share more information?< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "text-center" >
< div class = "text-center pb-3" >
< input class = "btn btn-warning btn-lg" type = "submit" name = "half_submit" id = "halfsubmit"
value="Generate report with basic data. ">
< / div >
< / div >
< small class = "form-text text-muted py-3" > Click Next if you want to provide more details. Each
question is
optional.< / small >
< / div >
<!-- skip rest if needed -->
2025-04-24 12:53:26 +02:00
<!-- Network Infrastructure Model -->
< div class = "mb-3 question" id = "q15" >
< label class = "form-label mt-3" >
Network Infrastructure Model:
< br >
< small class = "form-text text-muted" >
Select the primary model - Different inherent risks associated with each
< / small >
< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "network_infrastructure" id = "network-onprem" value = "on-premise" >
< label class = "form-check-label" for = "network-onprem" > Primarily On-Premise Data Centers< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "network_infrastructure" id = "network-cloud" value = "cloud" >
< label class = "form-check-label" for = "network-cloud" > Primarily Cloud-Based (IaaS, PaaS, SaaS)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "network_infrastructure" id = "network-hybrid" value = "hybrid" >
< label class = "form-check-label" for = "network-hybrid" > Hybrid (Significant mix of On-Premise and Cloud)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "network_infrastructure" id = "network-ot" value = "ot-ics" >
< label class = "form-check-label" for = "network-ot" > Primarily Operational Technology (OT) / Industrial Control Systems (ICS)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "network_infrastructure" id = "network-complex" value = "complex-mix" >
< label class = "form-check-label" for = "network-complex" > Complex Multi-Cloud / Hybrid / OT mix< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Helps understand the complexity and vulnerability points in
your
technical environment.< / small >
< / div >
2024-12-29 03:44:52 +01:00
2025-04-24 12:53:26 +02:00
<!-- Geographic Operational Scope -->
< div class = "mb-3 question" id = "q16" >
< label class = "form-label mt-3" >
Geographic Operational Scope:
< br >
< small class = "form-text text-muted" >
Select the best description - Complexity, regulatory diversity, geopolitical risk
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "geographic_scope" id = "geo-single-country" value = "single-country" >
< label class = "form-check-label" for = "geo-single-country" > Single Country / Region< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "geographic_scope" id = "geo-multi-country" value = "multi-country" >
< label class = "form-check-label" for = "geo-multi-country" > Multiple Countries within one Continent< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "geographic_scope" id = "geo-multi-continent" value = "multi-continent" >
< label class = "form-check-label" for = "geo-multi-continent" > Multiple Continents< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "geographic_scope" id = "geo-global" value = "global" >
2025-04-24 12:53:26 +02:00
< label class = "form-check-label" for = "geo-global" > Global< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Determines exposure to different cybersecurity
regulations.< / small >
< / div >
2025-04-24 12:53:26 +02:00
<!-- Customer Base Distribution -->
< div class = "mb-3 question" id = "q17" >
< label class = "form-label mt-3" >
Customer Base Distribution:
< br >
< small class = "form-text text-muted" >
Select best description - Concentration risk
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_base" id = "customer-highly-concentrated" value = "highly-concentrated" >
< label class = "form-check-label" for = "customer-highly-concentrated" > Highly Concentrated (Few large customers)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_base" id = "customer-moderately-distributed" value = "moderately-distributed" >
< label class = "form-check-label" for = "customer-moderately-distributed" > Moderately Distributed< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_base" id = "customer-highly-distributed" value = "highly-distributed" >
< label class = "form-check-label" for = "customer-highly-distributed" > Highly Distributed (Many small customers)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Assesses potential impact of data breaches.< / small >
< / div >
<!-- Primary Customer Type -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q18" >
< label class = "form-label mt-3" >
Primary Customer Type:
< br >
< small class = "form-text text-muted" >
Select one - Nature of data handled, potential impact group
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_type" id = "customer-b2c" value = "b2c" >
< label class = "form-check-label" for = "customer-b2c" > Consumers (B2C)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "customer_type" id = "customer-b2b" value = "b2b" >
< label class = "form-check-label" for = "customer-b2b" > Businesses (B2B)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_type" id = "customer-b2g" value = "b2g" >
< label class = "form-check-label" for = "customer-b2g" > Government Agencies (B2G)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "customer_type" id = "customer-mix" value = "mix" >
< label class = "form-check-label" for = "customer-mix" > Mix of B2C / B2B< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "customer_type" id = "customer-internal" value = "internal" >
< label class = "form-check-label" for = "customer-internal" > Internal (e.g., Shared Service)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Defines data protection requirements.< / small >
< / div >
<!-- Product/Service Portfolio -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q19" >
< label class = "form-label mt-3" >
Product/Service Portfolio Diversity:
< br >
< small class = "form-text text-muted" >
Select best description - Impact concentration
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "product_portfolio" id = "portfolio-focused" value = "focused" >
< label class = "form-check-label" for = "portfolio-focused" > Highly Focused (1-2 core products/services)< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "product_portfolio" id = "portfolio-moderate" value = "moderate" >
< label class = "form-check-label" for = "portfolio-moderate" > Moderately Diversified< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "product_portfolio" id = "portfolio-diversified" value = "diversified" >
< label class = "form-check-label" for = "portfolio-diversified" > Highly Diversified Portfolio< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Indicates the variety of systems requiring
protection.< / small >
< / div >
<!-- Supplier Base Structure -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q20" >
< label class = "form-label mt-3" >
Dependency on Critical Suppliers:
< br >
< small class = "form-text text-muted" >
How dependent is your core operation on a small number of critical suppliers (non-IT or IT)?
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "supplier_base" id = "supplier-low" value = "low" >
< label class = "form-check-label" for = "supplier-low" > Low Dependency / Many alternatives available.< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "supplier_base" id = "supplier-moderate" value = "moderate" >
< label class = "form-check-label" for = "supplier-moderate" > Moderate Dependency / Some critical suppliers, but alternatives exist.< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "supplier_base" id = "supplier-high" value = "high" >
< label class = "form-check-label" for = "supplier-high" > High Dependency / Reliant on a few critical suppliers with limited alternatives.< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Assesses third-party cybersecurity risks.< / small >
< / div >
<!-- Intellectual Property Protection -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q21" >
2024-12-29 03:44:52 +01:00
< label class = "form-label mt-3" > How does your organization protect and manage intellectual
property?< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "intellectual_property" id = "ip-patents"
value="patents">
< label class = "form-check-label" for = "ip-patents" > Patents owned< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "intellectual_property" id = "ip-licensed"
value="licensed-ip">
< label class = "form-check-label" for = "ip-licensed" > Licensed IP from others< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "intellectual_property" id = "ip-trade-secrets"
value="trade-secrets">
< label class = "form-check-label" for = "ip-trade-secrets" > Trade secrets< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "intellectual_property" id = "ip-joint"
value="joint-ip">
< label class = "form-check-label" for = "ip-joint" > Joint IP ownership< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "intellectual_property" id = "ip-none"
value="no-ip">
< label class = "form-check-label" for = "ip-none" > No significant IP< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Evaluates cybersecurity needs based on IP
ownership.< / small >
< / div >
<!-- Sensitive Data -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q22" >
2024-12-29 03:44:52 +01:00
< label class = "form-label mt-3" > What type of sensitive data does your organization handle?< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-personal"
2024-12-29 03:44:52 +01:00
value="personal">
< label class = "form-check-label" for = "data-personal" > Personal customer data< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-financial"
2024-12-29 03:44:52 +01:00
value="financial">
< label class = "form-check-label" for = "data-financial" > Financial records< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-healthcare"
2024-12-29 03:44:52 +01:00
value="healthcare">
< label class = "form-check-label" for = "data-healthcare" > Healthcare information< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-ip"
2024-12-29 03:44:52 +01:00
value="ip">
< label class = "form-check-label" for = "data-ip" > Intellectual property< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-gov"
2024-12-29 03:44:52 +01:00
value="government">
< label class = "form-check-label" for = "data-gov" > Government data< / label >
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "checkbox" name = "sensitive_data_types" id = "data-payment"
2024-12-29 03:44:52 +01:00
value="payment">
< label class = "form-check-label" for = "data-payment" > Payment card data< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" > Identifies compliance frameworks.< / small >
< / div >
<!-- Critical Business Systems -->
2025-04-24 12:53:26 +02:00
< div class = "mb-3 question" id = "q23" >
< label class = "form-label mt-3" >
Integration of Critical Business Systems:
< br >
< small class = "form-text text-muted" >
Select best description - Complexity, potential cascade failures
< / small >
< / label >
2024-12-29 03:44:52 +01:00
< hr >
< div class = "pb-3" >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "integration_level" id = "integration-low" value = "low" >
< label class = "form-check-label" for = "integration-low" >
Low: Systems largely operate independently.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "integration_level" id = "integration-moderate" value = "moderate" >
< label class = "form-check-label" for = "integration-moderate" >
Moderate: Some key systems integrated (e.g., CRM & ERP).
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "integration_level" id = "integration-high" value = "high" >
< label class = "form-check-label" for = "integration-high" >
High: Tightly integrated ecosystem, failure in one impacts many.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< div class = "form-check" >
2025-04-24 12:53:26 +02:00
< input class = "form-check-input" type = "radio" name = "integration_level" id = "integration-complex" value = "complex" >
< label class = "form-check-label" for = "integration-complex" >
Complex: Highly integrated, often involving legacy and modern systems.
< / label >
2024-12-29 03:44:52 +01:00
< / div >
< / div >
< small class = "form-text text-muted py-3" > Evaluates potential for cascade failures.< / small >
< / div >
2025-04-24 12:53:26 +02:00
<!-- Rate of Technology / Business Change -->
< div class = "mb-3 question" id = "q24" >
< label class = "form-label mt-3" >
Rate of Technology / Business Change:
< br >
< small class = "form-text text-muted" >
Select best description - Higher change rate can increase risk
< / small >
< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "change_rate" id = "change-low" value = "low" >
< label class = "form-check-label" for = "change-low" >
Low: Stable environment, infrequent major changes.
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "change_rate" id = "change-moderate" value = "moderate" >
< label class = "form-check-label" for = "change-moderate" >
Moderate: Regular updates and some process changes.
< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "radio" name = "change_rate" id = "change-high" value = "high" >
< label class = "form-check-label" for = "change-high" >
High: Frequent major technology rollouts or business model shifts.
< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" >
Higher change rates can increase risk and require more robust change management.
< / small >
< / div >
<!-- Relevant Threat Actors -->
< div class = "mb-3 question" id = "q25" >
< label class = "form-label mt-3" >
Relevant Threat Actors:
< br >
< small class = "form-text text-muted" >
Select the Top 2-3 most relevant threat actor types based on your industry/data
< / small >
< / label >
< hr >
< div class = "pb-3" >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-cybercriminals" value = "cybercriminals" >
< label class = "form-check-label" for = "threat-cybercriminals" > Cybercriminals (financially motivated)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-nation-state" value = "nation-state" >
< label class = "form-check-label" for = "threat-nation-state" > Nation-State Actors (espionage, disruption)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-hacktivists" value = "hacktivists" >
< label class = "form-check-label" for = "threat-hacktivists" > Hacktivists (ideologically motivated)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-insider" value = "insider" >
< label class = "form-check-label" for = "threat-insider" > Insider Threats (malicious or accidental)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-competitors" value = "competitors" >
< label class = "form-check-label" for = "threat-competitors" > Competitors (industrial espionage)< / label >
< / div >
< div class = "form-check" >
< input class = "form-check-input" type = "checkbox" name = "threat_actors" id = "threat-opportunistic" value = "opportunistic" >
< label class = "form-check-label" for = "threat-opportunistic" > Opportunistic Attackers (less sophisticated, broad attacks)< / label >
< / div >
< / div >
< small class = "form-text text-muted py-3" >
Helps prioritize security controls and monitoring based on likely threats.
< / small >
< / div >
2024-12-29 03:44:52 +01:00
< div class = "d-flex justify-content-end mt-4" >
< button type = "button" class = "btn btn-lg btn-outline-secondary me-3" id = "back" > Back< / button >
< button type = "submit" class = "btn btn-primary btn-lg" id = "submit" > Next< / button >
< button type = "button" class = "btn btn-primary btn-lg" id = "next" > Next< / button >
< / div >
< / form >
< / div >
< / div >
< / div >
2025-04-24 12:53:26 +02:00
< div class = "modal fade" id = "instructionsModal" tabindex = "-1" aria-labelledby = "instructionsModalLabel" aria-hidden = "true" >
< div class = "modal-dialog modal-lg modal-dialog-centered" >
< div class = "modal-content" >
< div class = "modal-header" >
< h5 class = "modal-title" id = "instructionsModalLabel" > < strong > Instructions< / strong > < / h5 >
< / div >
< div class = "modal-body" >
< p >
Please select the most appropriate answer(s) for each question to help us understand the organization's inherent cybersecurity risk profile.
< / p >
< ul >
< li > < strong > Basic Identification:< / strong > Name, Email< / li >
< li > < strong > Scale & Scope:< / strong > Headcount, Revenue, Geography, Customer Base, Products, Suppliers< / li >
< li > < strong > Operational Context:< / strong > Industry, Tech Dependency, Critical Apps, Remote Work, Third Parties, Internal Dev, Network Model, System Integration< / li >
< li > < strong > Data Focus:< / strong > Sensitive Data Type/Level, IP Protection< / li >
< li > < strong > Compliance:< / strong > Regulatory Frameworks< / li >
< li > < strong > Process:< / strong > Optional additional details.< / li >
< / ul >
< / div >
< div class = "modal-footer" >
< button type = "button" id = "startModalBtn" class = "btn btn-warning btn-lg" data-bs-dismiss = "modal" > Start< / button >
< / div >
< / div >
< / div >
< / div >
2024-12-29 03:44:52 +01:00
{% endblock content %}
{% block bottom %}
< script src = "/static/js/formHandling.js" > < / script >
{% endblock bottom %}
