{% load static %}
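<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Risk Assessment Questions</title>
  <link href="{% static 'css/bootstrap.css' %}" rel="stylesheet">
  <link href="{% static 'css/Jost.css' %}" rel="stylesheet">
  <link href="{% static 'css/main.css' %}" rel="stylesheet">
  <link href="{% static 'css/index.css' %}" rel="stylesheet">
  <link href="{% static 'css/getstarted.css' %}" rel="stylesheet">
  {% comment %}
    The two stylesheets below are fetched from third-party origins on a page that
    collects an organisation name and an e-mail address.
    - Google Fonts: the css2 response varies per user agent, so it cannot be pinned
      with Subresource Integrity. Self-hosting the font (as Jost.css already is) keeps
      the style-src policy to 'self'.
    - Font Awesome on cdnjs is version-pinned, so SRI applies. Add
      integrity="sha512-PLACEHOLDER_HASH_PUBLISHED_BY_CDNJS_FOR_THIS_FILE" next to the
      crossorigin attribute; without crossorigin the browser cannot verify the hash.
  {% endcomment %}
  <link href="https://fonts.googleapis.com/css2?family=Darker+Grotesque:wght@300..900&amp;display=swap" rel="stylesheet">
  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css" crossorigin="anonymous" referrerpolicy="no-referrer">
</head>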
<body>
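<header>
  <div class="gs-logo">
    <a class="gs-logo" href="/">risklet</a>
  </div>
  {% comment %}
    Progress bars for the basic and advanced question sets. The inline style="width: 0%"
    only renders under a Content-Security-Policy that allows inline style attributes;
    moving the initial width into a stylesheet class would let a strict style-src apply.
    The script that updates the width is not in this part of the template - it should
    also set aria-valuenow so assistive technology sees the same progress.
  {% endcomment %}
  <div class="progress mb-3" id="basic-progress-bar-wrap">
    <div id="basic-progress-bar" class="progress-bar" role="progressbar" style="width: 0%" aria-label="Basic assessment progress" aria-valuemin="0" aria-valuemax="100"></div>
  </div>
  <div class="progress mb-3 d-none" id="advanced-progress-bar-wrap">
    <div id="advanced-progress-bar" class="progress-bar bg-success" role="progressbar" style="width: 0%" aria-label="Advanced assessment progress" aria-valuemin="0" aria-valuemax="100"></div>
  </div>
</header>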
<div class="container">
<div class="row">
<div class="col">
<div id="basic-progress" class="mb-3 text-center fw-bold"></div>
<div id="advanced-progress" class="mb-3 text-center fw-bold d-none"></div>
<hr>
<form method="post">
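{% if form.errors %}
  {% comment %}
    Server-side validation summary. field.label and error are written through Django's
    default auto-escaping (assuming no enclosing autoescape-off block), so submitted text
    echoed in a message stays inert; do not mark these values as safe.
    role="alert" makes screen readers announce the errors when the page reloads.
  {% endcomment %}
  <div class="alert alert-danger" role="alert">
    <ul class="mb-0">
      {% for field in form %}
        {% for error in field.errors %}
          <li><strong>{{ field.label }}:</strong> {{ error }}</li>
        {% endfor %}
      {% endfor %}
      {% for error in form.non_field_errors %}
        <li>{{ error }}</li>
      {% endfor %}
    </ul>
  </div>
{% endif %}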
{% csrf_token %}
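<!-- Organization Name & Email -->
{% comment %}
  Contact details (personal data). `required`, type="email" and maxlength are checked by
  the browser only; the view must repeat the checks, bound the length of `name`, and
  escape both values wherever they are rendered or e-mailed later.
  Each input gets its own accessible name because the visible label has no `for` target
  and a placeholder disappears on input. The error container is a live region so text
  written into it by script is announced.
{% endcomment %}
<div class="mb-3 question basic-section" id="q0">
  <label class="form-label mt-3">Organization Name and Your Email:</label>
  <hr>
  <div class="pb-3">
    <input type="text" class="form-control mb-3" id="name" name="name" placeholder="Organization Name" autocomplete="organization" aria-label="Organization Name" aria-describedby="org-email-hint org-email-error" required>
    <input type="email" class="form-control" id="email" name="email" placeholder="Your Email" autocomplete="email" maxlength="254" aria-label="Your Email" aria-describedby="org-email-hint org-email-error" required>
  </div>
  <small class="form-text text-muted py-3" id="org-email-hint">
    Enter the organization name and your email address. Both fields are required to continue.
  </small>
  <div id="org-email-error" class="text-danger py-2" aria-live="polite"></div>
</div>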
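<!-- Employee Headcount -->
{# `required` is a browser-side check; the view must accept only the employee_headcount values listed here. #}
<div class="mb-3 question basic-section" id="q1">
  <label class="form-label mt-3" id="q1-label">Employee Headcount:</label>
  <small class="form-text text-muted">
    Select one range - Scale factor for internal user base &amp; potential insider risk
  </small>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q1-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-1-50" value="1-50" required>
      <label class="form-check-label" for="employees-1-50">
        <i class="fa-solid fa-user" aria-hidden="true"></i> 1 - 50
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-51-250" value="51-250">
      <label class="form-check-label" for="employees-51-250">
        <i class="fa-solid fa-users" aria-hidden="true"></i> 51 - 250
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-251-1000" value="251-1000">
      <label class="form-check-label" for="employees-251-1000">
        <i class="fa-solid fa-building" aria-hidden="true"></i> 251 - 1,000
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-1001-5000" value="1001-5000">
      <label class="form-check-label" for="employees-1001-5000">
        <i class="fa-solid fa-city" aria-hidden="true"></i> 1,001 - 5,000
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-5001-10000" value="5001-10000">
      <label class="form-check-label" for="employees-5001-10000">
        <i class="fa-solid fa-industry" aria-hidden="true"></i> 5,001 - 10,000
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="employee_headcount" id="employees-10000plus" value="10000+">
      <label class="form-check-label" for="employees-10000plus">
        <i class="fa-solid fa-landmark" aria-hidden="true"></i> 10,000+
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Helps determine the scale of IT infrastructure and security
    needs based on user volume.</small>
</div>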
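<!-- Annual Revenue -->
{# `required` is a browser-side check; the view must accept only the annual_revenue values listed here. #}
{# The literal "<" and ">" in the option text are written as entities so they can never be parsed as markup. #}
<div class="mb-3 question basic-section" id="q2">
  <label class="form-label mt-3" id="q2-label">
    Annual Revenue Range:
    <br>
    <small class="form-text text-muted">
      Select one range - Indicates scale, potential financial impact, and attractiveness
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q2-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-under-10m" value="under-10m" required>
      <label class="form-check-label" for="revenue-under-10m">
        <i class="fa-solid fa-coins" aria-hidden="true"></i> &lt; $10 Million
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-10m-250m" value="10m-250m">
      <label class="form-check-label" for="revenue-10m-250m">
        <i class="fa-solid fa-sack-dollar" aria-hidden="true"></i> $10M - $250 Million
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-250m-1b" value="250m-1b">
      <label class="form-check-label" for="revenue-250m-1b">
        <i class="fa-solid fa-money-bill-wave" aria-hidden="true"></i> $250M - $1 Billion
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-1b-5b" value="1b-5b">
      <label class="form-check-label" for="revenue-1b-5b">
        <i class="fa-solid fa-vault" aria-hidden="true"></i> $1B - $5 Billion
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-above-5b" value="above-5b">
      <label class="form-check-label" for="revenue-above-5b">
        <i class="fa-solid fa-gem" aria-hidden="true"></i> &gt; $5 Billion
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="annual_revenue" id="revenue-non-profit" value="non-profit">
      <label class="form-check-label" for="revenue-non-profit">
        <i class="fa-solid fa-hand-holding-heart" aria-hidden="true"></i> Not Applicable / Non-Profit
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Indicates available resources for cybersecurity investments
    and
    helps assess risk appetite.</small>
</div>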
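<!-- Critical Business Applications -->
{# `required` is a browser-side check; the view must accept only the critical_applications values listed here. #}
<div class="mb-3 question basic-section" id="q3">
  <label class="form-label mt-3" id="q3-label">How many critical business applications do your employees use
    daily?</label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q3-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="critical_applications" id="apps-1-5" value="1-5" required>
      <label class="form-check-label" for="apps-1-5">
        <i class="fa-solid fa-laptop" aria-hidden="true"></i> 1-5
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="critical_applications" id="apps-5-20" value="5-20">
      <label class="form-check-label" for="apps-5-20">
        <i class="fa-solid fa-network-wired" aria-hidden="true"></i> 5-20
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="critical_applications" id="apps-more-than-20" value="more-than-20">
      <label class="form-check-label" for="apps-more-than-20">
        <i class="fa-solid fa-server" aria-hidden="true"></i> More than 20
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="critical_applications" id="apps-unknown" value="unknown">
      <label class="form-check-label" for="apps-unknown">
        <i class="fa-solid fa-question-circle" aria-hidden="true"></i> I don't know
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Reveals the complexity of your technology landscape and
    potential attack surface.</small>
</div>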
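<!-- Regulatory Frameworks -->
{% comment %}
  Multi-select. Nothing in this markup stops "none" from being submitted together with
  other frameworks, or an "other" text from arriving without the "other" box ticked, so
  the view has to resolve those combinations and accept only the values listed here.
  compliance_frameworks_other is free text: bound its length server-side and keep it
  auto-escaped wherever it is shown again (reports, admin pages, e-mails).
{% endcomment %}
<div class="mb-3 question basic-section" id="q4">
  <label class="form-label mt-3" id="q4-label">
    Applicable Regulatory / Compliance Frameworks:
    <br>
    <small class="form-text text-muted">
      Select all applicable - Indicates compliance burden &amp; potential fines/penalties
    </small>
  </label>
  <hr>
  <div class="pb-3 option-grid" role="group" aria-labelledby="q4-label">
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-gdpr" value="gdpr">
      <label class="form-check-label" for="compliance-gdpr">
        <i class="fa-solid fa-globe-europe" aria-hidden="true"></i> GDPR
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-ccpa" value="ccpa">
      <label class="form-check-label" for="compliance-ccpa">
        <i class="fa-solid fa-flag-usa" aria-hidden="true"></i> CCPA / CPRA
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-cra" value="cra">
      <label class="form-check-label" for="compliance-cra">
        <i class="fa-solid fa-shield-halved" aria-hidden="true"></i> CRA (Cyber Resilience Act)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-nis2" value="nis2">
      <label class="form-check-label" for="compliance-nis2">
        <i class="fa-solid fa-plug-circle-bolt" aria-hidden="true"></i> NIS2
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-hipaa" value="hipaa">
      <label class="form-check-label" for="compliance-hipaa">
        <i class="fa-solid fa-notes-medical" aria-hidden="true"></i> HIPAA
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-pci-dss" value="pci-dss">
      <label class="form-check-label" for="compliance-pci-dss">
        <i class="fa-solid fa-credit-card" aria-hidden="true"></i> PCI-DSS
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-sox" value="sox">
      <label class="form-check-label" for="compliance-sox">
        <i class="fa-solid fa-chart-line" aria-hidden="true"></i> SOX
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-cmmc" value="cmmc">
      <label class="form-check-label" for="compliance-cmmc">
        <i class="fa-solid fa-medal" aria-hidden="true"></i> CMMC
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-energy" value="energy">
      <label class="form-check-label" for="compliance-energy">
        <i class="fa-solid fa-bolt" aria-hidden="true"></i> Specific Energy Regulations (e.g., NERC CIP)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-financial" value="financial">
      <label class="form-check-label" for="compliance-financial">
        <i class="fa-solid fa-building-columns" aria-hidden="true"></i> Specific Financial Regulations (DORA)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-none" value="none">
      <label class="form-check-label" for="compliance-none">
        <i class="fa-solid fa-circle-xmark" aria-hidden="true"></i> None / Primarily Best Practices Driven
      </label>
    </div>
    <div class="form-check other-gap">
      <div class="other-row">
        <input class="form-check-input" type="checkbox" name="compliance_frameworks" id="compliance-other" value="other">
        <label class="form-check-label ms-2" for="compliance-other">
          <i class="fa-solid fa-ellipsis" aria-hidden="true"></i> Other Industry-Specific Regulations:
        </label>
      </div>
      <input type="text" class="form-control mt-2" name="compliance_frameworks_other" id="compliance-frameworks-other-text" placeholder="Please specify" aria-label="Other industry-specific regulations, please specify">
    </div>
  </div>
  <small class="form-text text-muted py-3">Identifies mandatory security controls and compliance
    requirements that must be implemented.</small>
</div>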
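<!-- Industry Sector -->
{% comment %}
  Single-select. The option values are long human-readable strings, so the view should
  compare the submitted industry_sector against its own list of choices rather than
  trusting the text. industry_sector_other is free text that can arrive with any radio
  selected: bound its length server-side and keep it auto-escaped wherever it is shown.
  The group role sits on the question container because these options have no wrapper
  element of their own.
{% endcomment %}
<div class="mb-3 question basic-section" id="q5" role="radiogroup" aria-labelledby="q5-label">
  <label class="form-label mt-3" id="q5-label">
    Primary Industry Sector:
    <br>
    <small class="form-text text-muted">
      Select the main industry sector that best describes your organization.
    </small>
  </label>
  <hr>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-agriculture" value="Agriculture, forestry and fishing" required>
    <label class="form-check-label" for="industry-agriculture">
      <i class="fa-solid fa-seedling" aria-hidden="true"></i> Agriculture, forestry and fishing
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-mining" value="Mining and quarrying">
    <label class="form-check-label" for="industry-mining">
      <i class="fa-solid fa-mountain" aria-hidden="true"></i> Mining and quarrying
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-manufacturing" value="Manufacturing">
    <label class="form-check-label" for="industry-manufacturing">
      <i class="fa-solid fa-industry" aria-hidden="true"></i> Manufacturing
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-electricity" value="Electricity, gas, steam and air conditioning supply">
    <label class="form-check-label" for="industry-electricity">
      <i class="fa-solid fa-bolt" aria-hidden="true"></i> Electricity, gas, steam and air conditioning supply
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-water" value="Water supply; sewerage, waste management and remediation activities">
    <label class="form-check-label" for="industry-water">
      <i class="fa-solid fa-water" aria-hidden="true"></i> Water supply; sewerage, waste management and remediation activities
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-construction" value="Construction">
    <label class="form-check-label" for="industry-construction">
      <i class="fa-solid fa-person-digging" aria-hidden="true"></i> Construction
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-wholesale" value="Wholesale and retail trade; repair of motor vehicles and motorcycles">
    <label class="form-check-label" for="industry-wholesale">
      <i class="fa-solid fa-store" aria-hidden="true"></i> Wholesale and retail trade; repair of motor vehicles and motorcycles
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-transportation" value="Transportation and storage">
    <label class="form-check-label" for="industry-transportation">
      <i class="fa-solid fa-truck" aria-hidden="true"></i> Transportation and storage
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-accommodation" value="Accommodation and food service activities">
    <label class="form-check-label" for="industry-accommodation">
      <i class="fa-solid fa-hotel" aria-hidden="true"></i> Accommodation and food service activities
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-information" value="Information and communication">
    <label class="form-check-label" for="industry-information">
      <i class="fa-solid fa-satellite-dish" aria-hidden="true"></i> Information and communication
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-financial" value="Financial institutions">
    <label class="form-check-label" for="industry-financial">
      <i class="fa-solid fa-building-columns" aria-hidden="true"></i> Financial institutions
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-realestate" value="Renting, buying and selling of real estate">
    <label class="form-check-label" for="industry-realestate">
      <i class="fa-solid fa-house-chimney" aria-hidden="true"></i> Renting, buying and selling of real estate
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-consultancy" value="Consultancy, research and other specialised business services">
    <label class="form-check-label" for="industry-consultancy">
      <i class="fa-solid fa-user-tie" aria-hidden="true"></i> Consultancy, research and other specialised business services
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-leasing" value="Renting and leasing of tangible goods and other business support services">
    <label class="form-check-label" for="industry-leasing">
      <i class="fa-solid fa-truck-moving" aria-hidden="true"></i> Renting and leasing of tangible goods and other business support services
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-public" value="Public administration, public services and compulsory social security">
    <label class="form-check-label" for="industry-public">
      <i class="fa-solid fa-landmark-flag" aria-hidden="true"></i> Public administration, public services and compulsory social security
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-education" value="Education">
    <label class="form-check-label" for="industry-education">
      <i class="fa-solid fa-graduation-cap" aria-hidden="true"></i> Education
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-health" value="Human health and social work activities">
    <label class="form-check-label" for="industry-health">
      <i class="fa-solid fa-notes-medical" aria-hidden="true"></i> Human health and social work activities
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-culture" value="Culture, sports and recreation">
    <label class="form-check-label" for="industry-culture">
      <i class="fa-solid fa-masks-theater" aria-hidden="true"></i> Culture, sports and recreation
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-households" value="Activities of households as employers; undifferentiated goods- and service- producing activities of households for own use">
    <label class="form-check-label" for="industry-households">
      <i class="fa-solid fa-people-roof" aria-hidden="true"></i> Activities of households as employers; undifferentiated goods- and service- producing activities of households for own use
    </label>
  </div>
  <div class="form-check">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-extraterritorial" value="Extraterritorial organisations and bodies">
    <label class="form-check-label" for="industry-extraterritorial">
      <i class="fa-solid fa-globe" aria-hidden="true"></i> Extraterritorial organisations and bodies
    </label>
  </div>
  <div class="form-check other-gap">
    <input class="form-check-input" type="radio" name="industry_sector" id="industry-other-services" value="Other service activities">
    <label class="form-check-label" for="industry-other-services">
      <i class="fa-solid fa-ellipsis" aria-hidden="true"></i> Other service activities
    </label>
    <input type="text" class="form-control mt-2" name="industry_sector_other" id="industry-sector-other-text" placeholder="If Other, please specify" aria-label="Other industry sector, please specify">
  </div>
  <small class="form-text text-muted py-3">
    Determines industry-specific threats, regulations, and security best practices applicable to your business.
  </small>
</div>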
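<!-- IT Dependency -->
{# `required` is a browser-side check; the view must accept only the it_dependency values listed here. #}
<div class="mb-3 question basic-section" id="q6">
  <label class="form-label mt-3" id="q6-label">
    Business Operations Dependence on Technology:
    <br>
    <small class="form-text text-muted">
      Select the statement describing impact of 24-hour core IT outage - Direct measure of operational risk
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q6-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_dependency" id="it-minimal" value="minimal" required>
      <label class="form-check-label" for="it-minimal">
        <i class="fa-solid fa-person-walking" aria-hidden="true"></i> Minimal Disruption: Operations largely continue manually.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_dependency" id="it-significant" value="significant">
      <label class="form-check-label" for="it-significant">
        <i class="fa-solid fa-triangle-exclamation" aria-hidden="true"></i> Significant Operational Impact: Core processes severely hindered.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_dependency" id="it-major" value="major">
      <label class="form-check-label" for="it-major">
        <i class="fa-solid fa-sack-xmark" aria-hidden="true"></i> Major Revenue Loss / Service Delivery Failure: Critical functions cease.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_dependency" id="it-continuity" value="continuity-threatened">
      <label class="form-check-label" for="it-continuity">
        <i class="fa-solid fa-ban" aria-hidden="true"></i> Business Continuity Threatened: Organization cannot function.
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Measures the potential business impact of IT disruptions
    and
    helps prioritize security investments.</small>
</div>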
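<!-- Sensitive Data Level -->
{% comment %}
  Data-type matrix. None of these controls is `required`, and nothing in this markup
  links an impact rating to its "applicable" checkbox, so every combination can reach the
  server: a rating without the box ticked, a ticked box without a rating, or
  none_applicable together with other rows. The view should accept each *_impact only as
  an integer from 1 to 5, ignore or reject ratings for rows not marked applicable, and
  decide how none_applicable interacts with the rest.
  Each checkbox and rating group carries its own accessible name; the original groups
  all shared the same "Business Impact" label.
  The inline style on the "Applicable?" header only renders under a Content-Security-Policy
  that allows inline style attributes.
{% endcomment %}
<div class="mb-3 question basic-section" id="q7">
  <label class="form-label mt-3">
    Sensitive Data Types &amp; Business Impact in Case of Loss or Compromise
    <br>
    <small class="form-text text-muted">
      For each data type, mark if applicable and rate the business impact (1 - Very Low, 5 - Critical).
    </small>
  </label>
  <hr>
  <table class="table table-bordered align-middle">
    <thead>
      <tr>
        <th scope="col">Data Type</th>
        <th scope="col" style="width:10px">Applicable?</th>
        <th scope="col">Business Impact</th>
      </tr>
    </thead>
    <tbody>
      <tr>
        <td>Personal Data (PII, PHI, etc.)</td>
        <td>
          <input type="checkbox" name="personal_applicable" id="personal_applicable" aria-label="Personal Data applicable">
        </td>
        <td>
          <div class="btn-group" role="group" aria-label="Business Impact: Personal Data">
            <input type="radio" class="btn-check" name="personal_impact" id="personal_impact_1" value="1">
            <label class="btn btn-outline-success btn-sm" for="personal_impact_1">1</label>
            <input type="radio" class="btn-check" name="personal_impact" id="personal_impact_2" value="2">
            <label class="btn btn-outline-success btn-sm" for="personal_impact_2">2</label>
            <input type="radio" class="btn-check" name="personal_impact" id="personal_impact_3" value="3">
            <label class="btn btn-outline-success btn-sm" for="personal_impact_3">3</label>
            <input type="radio" class="btn-check" name="personal_impact" id="personal_impact_4" value="4">
            <label class="btn btn-outline-success btn-sm" for="personal_impact_4">4</label>
            <input type="radio" class="btn-check" name="personal_impact" id="personal_impact_5" value="5">
            <label class="btn btn-outline-success btn-sm" for="personal_impact_5">5</label>
          </div>
        </td>
      </tr>
      <tr>
        <td>Financial Data (PCI, records)</td>
        <td>
          <input type="checkbox" name="financial_applicable" id="financial_applicable" aria-label="Financial Data applicable">
        </td>
        <td>
          <div class="btn-group" role="group" aria-label="Business Impact: Financial Data">
            <input type="radio" class="btn-check" name="financial_impact" id="financial_impact_1" value="1">
            <label class="btn btn-outline-success btn-sm" for="financial_impact_1">1</label>
            <input type="radio" class="btn-check" name="financial_impact" id="financial_impact_2" value="2">
            <label class="btn btn-outline-success btn-sm" for="financial_impact_2">2</label>
            <input type="radio" class="btn-check" name="financial_impact" id="financial_impact_3" value="3">
            <label class="btn btn-outline-success btn-sm" for="financial_impact_3">3</label>
            <input type="radio" class="btn-check" name="financial_impact" id="financial_impact_4" value="4">
            <label class="btn btn-outline-success btn-sm" for="financial_impact_4">4</label>
            <input type="radio" class="btn-check" name="financial_impact" id="financial_impact_5" value="5">
            <label class="btn btn-outline-success btn-sm" for="financial_impact_5">5</label>
          </div>
        </td>
      </tr>
      <tr>
        <td>Intellectual Property / Strategic Data</td>
        <td>
          <input type="checkbox" name="ip_applicable" id="ip_applicable" aria-label="Intellectual Property / Strategic Data applicable">
        </td>
        <td>
          <div class="btn-group" role="group" aria-label="Business Impact: Intellectual Property / Strategic Data">
            <input type="radio" class="btn-check" name="ip_impact" id="ip_impact_1" value="1">
            <label class="btn btn-outline-success btn-sm" for="ip_impact_1">1</label>
            <input type="radio" class="btn-check" name="ip_impact" id="ip_impact_2" value="2">
            <label class="btn btn-outline-success btn-sm" for="ip_impact_2">2</label>
            <input type="radio" class="btn-check" name="ip_impact" id="ip_impact_3" value="3">
            <label class="btn btn-outline-success btn-sm" for="ip_impact_3">3</label>
            <input type="radio" class="btn-check" name="ip_impact" id="ip_impact_4" value="4">
            <label class="btn btn-outline-success btn-sm" for="ip_impact_4">4</label>
            <input type="radio" class="btn-check" name="ip_impact" id="ip_impact_5" value="5">
            <label class="btn btn-outline-success btn-sm" for="ip_impact_5">5</label>
          </div>
        </td>
      </tr>
      <tr>
        <td>Critical Operational Data</td>
        <td>
          <input type="checkbox" name="operational_applicable" id="operational_applicable" aria-label="Critical Operational Data applicable">
        </td>
        <td>
          <div class="btn-group" role="group" aria-label="Business Impact: Critical Operational Data">
            <input type="radio" class="btn-check" name="operational_impact" id="operational_impact_1" value="1">
            <label class="btn btn-outline-success btn-sm" for="operational_impact_1">1</label>
            <input type="radio" class="btn-check" name="operational_impact" id="operational_impact_2" value="2">
            <label class="btn btn-outline-success btn-sm" for="operational_impact_2">2</label>
            <input type="radio" class="btn-check" name="operational_impact" id="operational_impact_3" value="3">
            <label class="btn btn-outline-success btn-sm" for="operational_impact_3">3</label>
            <input type="radio" class="btn-check" name="operational_impact" id="operational_impact_4" value="4">
            <label class="btn btn-outline-success btn-sm" for="operational_impact_4">4</label>
            <input type="radio" class="btn-check" name="operational_impact" id="operational_impact_5" value="5">
            <label class="btn btn-outline-success btn-sm" for="operational_impact_5">5</label>
          </div>
        </td>
      </tr>
      <tr>
        <td>Government/Controlled Data</td>
        <td>
          <input type="checkbox" name="government_applicable" id="government_applicable" aria-label="Government/Controlled Data applicable">
        </td>
        <td>
          <div class="btn-group" role="group" aria-label="Business Impact: Government/Controlled Data">
            <input type="radio" class="btn-check" name="government_impact" id="government_impact_1" value="1">
            <label class="btn btn-outline-success btn-sm" for="government_impact_1">1</label>
            <input type="radio" class="btn-check" name="government_impact" id="government_impact_2" value="2">
            <label class="btn btn-outline-success btn-sm" for="government_impact_2">2</label>
            <input type="radio" class="btn-check" name="government_impact" id="government_impact_3" value="3">
            <label class="btn btn-outline-success btn-sm" for="government_impact_3">3</label>
            <input type="radio" class="btn-check" name="government_impact" id="government_impact_4" value="4">
            <label class="btn btn-outline-success btn-sm" for="government_impact_4">4</label>
            <input type="radio" class="btn-check" name="government_impact" id="government_impact_5" value="5">
            <label class="btn btn-outline-success btn-sm" for="government_impact_5">5</label>
          </div>
        </td>
      </tr>
      <tr>
        <td>None / Minimal Sensitive Data</td>
        <td>
          <input type="checkbox" name="none_applicable" id="none_applicable" aria-label="None / Minimal Sensitive Data applicable">
        </td>
        <td>
          N/A
        </td>
      </tr>
    </tbody>
  </table>
  <small class="form-text text-muted py-3">
    Use the scale to indicate how critical each applicable data type is for your business.
  </small>
</div>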
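<!-- Remote Workforce Percentage -->
{# `required` is a browser-side check; the view must accept only the remote_workforce_percentage values listed here. #}
<div class="mb-3 question basic-section" id="q8">
  <label class="form-label mt-3" id="q8-label">What percentage of your workforce operates remotely?</label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q8-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="remote_workforce_percentage" id="remote-none" value="none" required>
      <label class="form-check-label" for="remote-none">
        <i class="fa-solid fa-building-user" aria-hidden="true"></i> None
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="remote_workforce_percentage" id="remote-1-10" value="1-10">
      <label class="form-check-label" for="remote-1-10">
        <i class="fa-solid fa-user-house" aria-hidden="true"></i> 1-10%
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="remote_workforce_percentage" id="remote-above-10" value="above-10">
      <label class="form-check-label" for="remote-above-10">
        <i class="fa-solid fa-people-roof" aria-hidden="true"></i> Above 10%
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="remote_workforce_percentage" id="remote-unknown" value="unknown">
      <label class="form-check-label" for="remote-unknown">
        <i class="fa-solid fa-question-circle" aria-hidden="true"></i> I don't know
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Evaluates remote access security requirements and potential
    exposure to external threats.</small>
</div>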
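<!-- Third-Party Vendor Access -->
{# q9 posts third_party_vendor_access (none, 1-5, more-than-5, unknown); the first option carries required, which applies to the whole radio group. Radio markup does not limit what a client can send, so confirm the server-side form rejects any other value. #}
<div class="mb-3 question basic-section" id="q9">
  <label class="form-label mt-3" id="q9-label">How many third-party vendors have access to your systems?</label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q9-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="third_party_vendor_access" id="vendor-none" value="none" required>
      <label class="form-check-label" for="vendor-none">
        <i class="fa-solid fa-ban" aria-hidden="true"></i> None
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="third_party_vendor_access" id="vendor-1-5" value="1-5">
      <label class="form-check-label" for="vendor-1-5">
        <i class="fa-solid fa-handshake" aria-hidden="true"></i> 1-5
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="third_party_vendor_access" id="vendor-more-than-5" value="more-than-5">
      <label class="form-check-label" for="vendor-more-than-5">
        <i class="fa-solid fa-people-group" aria-hidden="true"></i> More than 5
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="third_party_vendor_access" id="vendor-unknown" value="unknown">
      <label class="form-check-label" for="vendor-unknown">
        <i class="fa-solid fa-question-circle" aria-hidden="true"></i> I don't know
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Assesses supply chain risk and the need for vendor security management.</small>
</div>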
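<!-- Internal Software Development -->
{# q10 posts internal_software_development (none, some); the first option carries required, which applies to the whole radio group. Confirm the server-side form rejects any other value. #}
<div class="mb-3 question basic-section" id="q10">
  <label class="form-label mt-3" id="q10-label">
    Internal Software Development for Critical Applications:
    <br>
    <small class="form-text text-muted">
      Select one - Potential for introducing vulnerabilities
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q10-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="internal_software_development" id="dev-none" value="none" required>
      <label class="form-check-label" for="dev-none">
        <i class="fa-solid fa-ban" aria-hidden="true"></i> No internal development of critical business applications.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="internal_software_development" id="dev-some" value="some">
      <label class="form-check-label" for="dev-some">
        <i class="fa-solid fa-code" aria-hidden="true"></i> Yes, some critical business applications are developed internally.
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Determines the need for secure development practices and application security measures.</small>
</div>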
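<!-- IT Infrastructure Model -->
{# q11 posts it_infrastructure (on-premises, cloud-based, hybrid, legacy, modern). NOTE(review): no option carries required here, while q9 and q10 do; confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q11">
  <label class="form-label mt-3" id="q11-label">What is your primary IT infrastructure model?</label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q11-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_infrastructure" id="it-on-prem" value="on-premises">
      <label class="form-check-label" for="it-on-prem">
        <i class="fa-solid fa-server" aria-hidden="true"></i> On-premises systems
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_infrastructure" id="it-cloud" value="cloud-based">
      <label class="form-check-label" for="it-cloud">
        <i class="fa-solid fa-cloud" aria-hidden="true"></i> Cloud-based systems
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_infrastructure" id="it-hybrid" value="hybrid">
      <label class="form-check-label" for="it-hybrid">
        <i class="fa-solid fa-diagram-project" aria-hidden="true"></i> Hybrid infrastructure
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_infrastructure" id="it-legacy" value="legacy">
      <label class="form-check-label" for="it-legacy">
        <i class="fa-solid fa-computer" aria-hidden="true"></i> Legacy systems
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="it_infrastructure" id="it-modern" value="modern">
      <label class="form-check-label" for="it-modern">
        <i class="fa-solid fa-microchip" aria-hidden="true"></i> Modern architecture
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Determines specific cybersecurity controls.</small>
</div>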
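<!-- Network Infrastructure Model -->
{# q12 posts network_infrastructure (on-premise, cloud, hybrid, ot-ics, complex-mix); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q12">
  <label class="form-label mt-3" id="q12-label">
    Network Infrastructure Model:
    <br>
    <small class="form-text text-muted">
      Select the primary model - Different inherent risks associated with each
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q12-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="network_infrastructure" id="network-onprem" value="on-premise">
      <label class="form-check-label" for="network-onprem">
        <i class="fa-solid fa-server" aria-hidden="true"></i> Primarily On-Premise Data Centers
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="network_infrastructure" id="network-cloud" value="cloud">
      <label class="form-check-label" for="network-cloud">
        <i class="fa-solid fa-cloud" aria-hidden="true"></i> Primarily Cloud-Based (IaaS, PaaS, SaaS)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="network_infrastructure" id="network-hybrid" value="hybrid">
      <label class="form-check-label" for="network-hybrid">
        <i class="fa-solid fa-diagram-project" aria-hidden="true"></i> Hybrid (Significant mix of On-Premise and Cloud)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="network_infrastructure" id="network-ot" value="ot-ics">
      <label class="form-check-label" for="network-ot">
        <i class="fa-solid fa-industry" aria-hidden="true"></i> Primarily Operational Technology (OT) / Industrial Control Systems (ICS)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="network_infrastructure" id="network-complex" value="complex-mix">
      <label class="form-check-label" for="network-complex">
        <i class="fa-solid fa-network-wired" aria-hidden="true"></i> Complex Multi-Cloud / Hybrid / OT mix
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Helps understand the complexity and vulnerability points in your technical environment.</small>
</div>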
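<!-- Geographic Operational Scope -->
{# q13 posts geographic_scope (single-country, multi-country, multi-continent, global); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q13">
  <label class="form-label mt-3" id="q13-label">
    Geographic Operational Scope:
    <br>
    <small class="form-text text-muted">
      Select the best description - Complexity, regulatory diversity, geopolitical risk
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q13-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="geographic_scope" id="geo-single-country" value="single-country">
      <label class="form-check-label" for="geo-single-country">
        <i class="fa-solid fa-location-dot" aria-hidden="true"></i> Single Country / Region
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="geographic_scope" id="geo-multi-country" value="multi-country">
      <label class="form-check-label" for="geo-multi-country">
        <i class="fa-solid fa-earth-europe" aria-hidden="true"></i> Multiple Countries within one Continent
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="geographic_scope" id="geo-multi-continent" value="multi-continent">
      <label class="form-check-label" for="geo-multi-continent">
        <i class="fa-solid fa-globe" aria-hidden="true"></i> Multiple Continents
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="geographic_scope" id="geo-global" value="global">
      <label class="form-check-label" for="geo-global">
        <i class="fa-solid fa-earth-americas" aria-hidden="true"></i> Global
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Determines exposure to different cybersecurity regulations.</small>
</div>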
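<!-- Customer Base Distribution -->
{# q14 posts customer_base (highly-concentrated, moderately-distributed, highly-distributed); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q14">
  <label class="form-label mt-3" id="q14-label">
    Customer Base Distribution:
    <br>
    <small class="form-text text-muted">
      Select best description - Concentration risk
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q14-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_base" id="customer-highly-concentrated" value="highly-concentrated">
      <label class="form-check-label" for="customer-highly-concentrated">
        <i class="fa-solid fa-users-between-lines" aria-hidden="true"></i> Highly Concentrated (Few large customers)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_base" id="customer-moderately-distributed" value="moderately-distributed">
      <label class="form-check-label" for="customer-moderately-distributed">
        <i class="fa-solid fa-users" aria-hidden="true"></i> Moderately Distributed
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_base" id="customer-highly-distributed" value="highly-distributed">
      <label class="form-check-label" for="customer-highly-distributed">
        <i class="fa-solid fa-people-group" aria-hidden="true"></i> Highly Distributed (Many small customers)
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Assesses potential impact of data breaches.</small>
</div>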
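<!-- Primary Customer Type -->
{# q15 posts customer_type (b2c, b2b, b2g, mix, internal); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q15">
  <label class="form-label mt-3" id="q15-label">
    Primary Customer Type:
    <br>
    <small class="form-text text-muted">
      Select one - Nature of data handled, potential impact group
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q15-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_type" id="customer-b2c" value="b2c">
      <label class="form-check-label" for="customer-b2c">
        <i class="fa-solid fa-user" aria-hidden="true"></i> Consumers (B2C)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_type" id="customer-b2b" value="b2b">
      <label class="form-check-label" for="customer-b2b">
        <i class="fa-solid fa-briefcase" aria-hidden="true"></i> Businesses (B2B)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_type" id="customer-b2g" value="b2g">
      <label class="form-check-label" for="customer-b2g">
        <i class="fa-solid fa-landmark" aria-hidden="true"></i> Government Agencies (B2G)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_type" id="customer-mix" value="mix">
      <label class="form-check-label" for="customer-mix">
        <i class="fa-solid fa-layer-group" aria-hidden="true"></i> Mix of B2C / B2B
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="customer_type" id="customer-internal" value="internal">
      <label class="form-check-label" for="customer-internal">
        <i class="fa-solid fa-users-gear" aria-hidden="true"></i> Internal (e.g., Shared Service)
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Defines data protection requirements.</small>
</div>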
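<!-- Product/Service Portfolio -->
{# q16 posts product_portfolio (focused, moderate, diversified); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q16">
  <label class="form-label mt-3" id="q16-label">
    Product/Service Portfolio Diversity:
    <br>
    <small class="form-text text-muted">
      Select best description - Impact concentration
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q16-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="product_portfolio" id="portfolio-focused" value="focused">
      <label class="form-check-label" for="portfolio-focused">
        <i class="fa-solid fa-bullseye" aria-hidden="true"></i> Highly Focused (1-2 core products/services)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="product_portfolio" id="portfolio-moderate" value="moderate">
      <label class="form-check-label" for="portfolio-moderate">
        <i class="fa-solid fa-layer-group" aria-hidden="true"></i> Moderately Diversified
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="product_portfolio" id="portfolio-diversified" value="diversified">
      <label class="form-check-label" for="portfolio-diversified">
        <i class="fa-solid fa-shapes" aria-hidden="true"></i> Highly Diversified Portfolio
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Indicates the variety of systems requiring protection.</small>
</div>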
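<!-- Supplier Base Structure -->
{# q17 posts supplier_base (low, moderate, high); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q17">
  <label class="form-label mt-3" id="q17-label">
    Dependency on Critical Suppliers:
    <br>
    <small class="form-text text-muted">
      How dependent is your core operation on a small number of critical suppliers (non-IT or IT)?
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q17-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="supplier_base" id="supplier-low" value="low">
      <label class="form-check-label" for="supplier-low">
        <i class="fa-solid fa-people-group" aria-hidden="true"></i> Low Dependency / Many alternatives available.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="supplier_base" id="supplier-moderate" value="moderate">
      <label class="form-check-label" for="supplier-moderate">
        <i class="fa-solid fa-handshake" aria-hidden="true"></i> Moderate Dependency / Some critical suppliers, but alternatives exist.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="supplier_base" id="supplier-high" value="high">
      <label class="form-check-label" for="supplier-high">
        <i class="fa-solid fa-link" aria-hidden="true"></i> High Dependency / Reliant on a few critical suppliers with limited alternatives.
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Assesses third-party cybersecurity risks.</small>
</div>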
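<!-- Critical Business Systems -->
{# q18 posts integration_level (low, moderate, high, complex); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q18">
  <label class="form-label mt-3" id="q18-label">
    Integration of Critical Business Systems:
    <br>
    <small class="form-text text-muted">
      Select best description - Complexity, potential cascade failures
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q18-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="integration_level" id="integration-low" value="low">
      <label class="form-check-label" for="integration-low">
        <i class="fa-solid fa-plug-circle-xmark" aria-hidden="true"></i> Low: Systems largely operate independently.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="integration_level" id="integration-moderate" value="moderate">
      <label class="form-check-label" for="integration-moderate">
        <i class="fa-solid fa-link" aria-hidden="true"></i> Moderate: Some key systems integrated (e.g., CRM &amp; ERP).
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="integration_level" id="integration-high" value="high">
      <label class="form-check-label" for="integration-high">
        <i class="fa-solid fa-network-wired" aria-hidden="true"></i> High: Tightly integrated ecosystem, failure in one impacts many.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="integration_level" id="integration-complex" value="complex">
      <label class="form-check-label" for="integration-complex">
        <i class="fa-solid fa-diagram-project" aria-hidden="true"></i> Complex: Highly integrated, often involving legacy and modern systems.
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">Evaluates potential for cascade failures.</small>
</div>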
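<!-- Rate of Technology / Business Change -->
{# q19 posts change_rate (low, moderate, high); no option is marked required. Confirm the server-side form validates the value and handles a missing answer. #}
<div class="mb-3 question basic-section" id="q19">
  <label class="form-label mt-3" id="q19-label">
    Rate of Technology / Business Change:
    <br>
    <small class="form-text text-muted">
      Select best description - Higher change rate can increase risk
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q19-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="change_rate" id="change-low" value="low">
      <label class="form-check-label" for="change-low">
        <i class="fa-solid fa-hourglass-half" aria-hidden="true"></i> Low: Stable environment, infrequent major changes.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="change_rate" id="change-moderate" value="moderate">
      <label class="form-check-label" for="change-moderate">
        <i class="fa-solid fa-rotate" aria-hidden="true"></i> Moderate: Regular updates and some process changes.
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="change_rate" id="change-high" value="high">
      <label class="form-check-label" for="change-high">
        <i class="fa-solid fa-bolt" aria-hidden="true"></i> High: Frequent major technology rollouts or business model shifts.
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">
    Higher change rates can increase risk and require more robust change management.
  </small>
</div>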
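<!-- Relevant Threat Actors -->
{# q20 posts threat_actors as zero or more of: cybercriminals, nation-state, hacktivists, insider, competitors, opportunistic. #}
{# NOTE(review): nothing in this markup enforces the "Top 2-3" limit stated in the hint; if the limit matters for scoring, confirm it is checked server-side along with the allowed values. #}
<div class="mb-3 question basic-section" id="q20">
  <label class="form-label mt-3" id="q20-label">
    Relevant Threat Actors:
    <br>
    <small class="form-text text-muted">
      Select the Top 2-3 most relevant threat actor types based on your industry/data
    </small>
  </label>
  <hr>
  <div class="pb-3" role="group" aria-labelledby="q20-label">
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-cybercriminals" value="cybercriminals">
      <label class="form-check-label" for="threat-cybercriminals">
        <i class="fa-solid fa-mask" aria-hidden="true"></i> Cybercriminals (financially motivated)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-nation-state" value="nation-state">
      <label class="form-check-label" for="threat-nation-state">
        <i class="fa-solid fa-flag" aria-hidden="true"></i> Nation-State Actors (espionage, disruption)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-hacktivists" value="hacktivists">
      <label class="form-check-label" for="threat-hacktivists">
        <i class="fa-solid fa-bullhorn" aria-hidden="true"></i> Hacktivists (ideologically motivated)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-insider" value="insider">
      <label class="form-check-label" for="threat-insider">
        <i class="fa-solid fa-user-secret" aria-hidden="true"></i> Insider Threats (malicious or accidental)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-competitors" value="competitors">
      <label class="form-check-label" for="threat-competitors">
        <i class="fa-solid fa-user-tie" aria-hidden="true"></i> Competitors (industrial espionage)
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="checkbox" name="threat_actors" id="threat-opportunistic" value="opportunistic">
      <label class="form-check-label" for="threat-opportunistic">
        <i class="fa-solid fa-bug" aria-hidden="true"></i> Opportunistic Attackers (less sophisticated, broad attacks)
      </label>
    </div>
  </div>
  <small class="form-text text-muted py-3">
    Helps prioritize security controls and monitoring based on likely threats.
  </small>
</div>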
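<!-- Expert Analysis -->
{# q21 posts expert_analysis as the literal strings "true" or "false"; no option is marked required. #}
{# NOTE(review): both are non-empty strings, so a plain truthiness test on the posted value would treat "false" as true; confirm the view compares against the literal or uses a boolean form field. #}
<div class="mb-3 question basic-section" id="q21">
  <label class="form-label mt-3" id="q21-label">
    Do you want to perform an expert analysis of your cybersecurity posture?
    <br>
    <small class="form-text text-muted">
      This will help identify gaps and provide tailored recommendations.
    </small>
  </label>
  <hr>
  <div class="pb-3" role="radiogroup" aria-labelledby="q21-label">
    <div class="form-check">
      <input class="form-check-input" type="radio" name="expert_analysis" id="expert-analysis-yes" value="true">
      <label class="form-check-label" for="expert-analysis-yes">
        <i class="fa-solid fa-magnifying-glass" aria-hidden="true"></i> Yes, I want an expert analysis
      </label>
    </div>
    <div class="form-check">
      <input class="form-check-input" type="radio" name="expert_analysis" id="expert-analysis-no" value="false">
      <label class="form-check-label" for="expert-analysis-no">
        <i class="fa-solid fa-circle-xmark" aria-hidden="true"></i> No, I don't need an expert analysis
      </label>
    </div>
  </div>
</div>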
{# Step navigation: Back and the second Next are plain buttons, the first Next submits the form. Two buttons share the label "Next"; presumably the page script shows only one at a time - confirm. #}
{# NOTE(review): a control with id="submit" inside a form shadows the form element's submit() method in the DOM; confirm formHandling.js never calls submit() on this form. #}
<div class="d-flex justify-content-end mt-4">
  <button class="btn btn-lg btn-outline-secondary me-3" id="back" type="button">Back</button>
  <button class="btn btn-primary btn-lg" id="submit" type="submit">Next</button>
  <button class="btn btn-primary btn-lg" id="next" type="button">Next</button>
</div>
</form>
</div>
</div>
</div>
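{# Script URLs go through the static tag, as the stylesheets in the head already do, so STATIC_URL and hashed-filename storage backends are honoured instead of a hard-coded /static/ prefix. #}
<script src="{% static 'js/formHandling.js' %}"></script>
<script src="{% static 'js/bootstrap.js' %}"></script>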
</body>