Built for Australian small business

Know your cyber risk
and what to fix first

Answer plain-English questions about your Microsoft 365, Google Workspace, Xero, MYOB or Slack setup. See where you stand in about 15 minutes — no tech knowledge needed.

Your risk score is free. Unlock the full action plan for $159.

8
Control domains
E8
Mapped to
4 hrs
Report delivery
No account required No card needed to start Secure Stripe payment

How it works

Four steps from “no idea where we stand” to a clear, prioritised action plan. You see your score before you pay a cent.

01

Tell us about your business

Industry, size and which platforms you use. No account needed — just your email.

02

Answer plain-English questions

Every question has an example, and “Not sure” is always a valid answer. No timer.

03 Free

See your risk score

Your overall score, your risk level, and the areas putting you most at risk — free, on screen, straight away.

Coverage across the areas that matter

Built around the practical controls small businesses most often miss — not abstract policy language. These eight categories are what every assessment covers.

01Identity & AccessMFA, admin accounts, access control
02Email SecuritySPF / DKIM / DMARC, phishing protection
03Data & SharingFile sharing controls, external links
04Device SecurityUpdates, antivirus, disk encryption
05Backup & RecoveryCloud backup, restore testing, continuity
06People & AwarenessStaff training, onboarding, offboarding
07Financial IntegrityInvoice fraud, payment & bank-detail checks
08Incident ReadinessResponse plans, emergency contacts, insurance

Mapped to the ACSC Essential Eight

Every finding ties back to the Australian Government’s Essential Eight, so you — and your IT provider — know where you stand against a recognised standard.

Step 01

Your answers, weighted

Step 02

Mapped to E8 controls

Step 03

Ranked into an action plan

Your score is free. The action plan is a one-off $159.

See where you stand for nothing. Pay only when you want the step-by-step fixes — every gap, ranked, with the technical steps your IT provider can act on.

Free

Your risk score

Your overall risk score and risk level
The security areas putting you most at risk
Shown on screen the moment you finish
$159 — full action plan

Every fix, in priority order

Every gap found, ranked by impact and effort
Plain-English, step-by-step fixes you can follow
Technical steps to hand straight to your IT provider
Mapping to the Essential Eight, ISM and Privacy Act
Verify bank-detail change requestsCritical · low effort

Invoice fraud is the most common way Australian businesses lose money to cyber crime. The fix is a simple process: never change bank details without a phone call to confirm — looked up from your own records, not the email.

✦ Essential Eight: User Application Hardening

Your data is never shared, sold, or used for marketing.

Most businesses find out the hard way

Instead of guessing, relying on scattered advice, or paying for open-ended discovery, you get a clear starting point: your biggest risks, your fastest wins, and the items worth paying an IT provider to handle properly.

  • Prioritised, not overwhelming

    You get the highest-priority actions first — not 40 vague recommendations.

  • Useful for non-technical owners

    Written in plain English, so you understand what matters without becoming an expert.

  • Useful for your IT provider too

    Detailed enough to cut their discovery time and make the fixes easy to scope.

One price, no lock-in

Score free · action plan, one-off

Assessment + personalised report

Your risk score is free. The full action plan is $159 — one-off, no subscription, yours to keep. Less than one hour of IT support, and enough clarity to know what to fix before a small issue becomes an expensive one.

Common questions before you start

What do I get free, and what’s the $159 for?
Free: your overall risk score, your risk level, and the security areas putting you most at risk — shown on screen as soon as you finish. The $159 unlocks the full action plan — every gap ranked by priority, plain-English step-by-step fixes, the technical steps for your IT provider, and mapping to the Essential Eight.
Do I need to be technical to complete this?
No. If you can answer yes, no, or “not sure”, you can complete it. Every question is written in plain English with an example.
Is this a formal audit or certification?
No — it’s a structured self-assessment and prioritised action report. It’s not a penetration test, audit, or certification, though it helps you get closer to one.
How quickly do I get the full report?
Within 4 hours during business hours (Mon–Fri, 9am–5pm AEST), or by 9am the next business day.
Ready when you are

Know what to fix before it becomes a bigger problem

Get a plain-English cyber security report your business can actually use.