An insurer, supplier, client or tender panel is asking cyber security questions
Use this to organise the basics before you answer.
Need to answer cyber security questions for insurance, suppliers, clients, or tenders?
Prepare a plain-English evidence checklist for two-step login, backups, updates, admin access, device safety, user access and business cyber questions. Based on public ASD/ACSC Essential Eight guidance.

Use this when you want a practical business-owner answer, not a technical framework first.
Use this to organise the basics before you answer.
Group your evidence into ready now, needs checking and needs setup or cleanup.
This is preparation support, not an official audit or certification report.
Privacy: this checker runs in your browser and does not ask for sensitive details.
Important: your insurer, client, tender panel, or assessor may require their own evidence format.
Tick the statements that match your business. You can leave anything blank if you are not sure.
This helper touches several Essential Eight areas, including two-step login / MFA, safe backups, software updates, admin access, device safety and user access evidence.
Helps improve Essential Eight alignment step by step. This is a practical self-check, not a formal government certification or audit.
Evidence questions often ask about the same basics: who can log in, whether accounts are protected, whether files can be recovered, and whether devices and staff access are managed.
Insurance, supplier and tender questions can become risky if answers are guessed. A simple evidence checklist helps the business answer carefully and fix gaps first.
Need help turning this into real protection? Your IT & Tech Mates can help set up two-step login, backups, updates, admin access, safer devices, and a plain-English cyber action plan for your business.
Use the hub and related tools to check the other parts of your small business cyber safety setup.
Return to the hub and choose your business concern.
Start with the full five-minute check across logins, backups, updates, access and device safety.
Check two-step login and account access for email, cloud, accounting, website and social platforms.
Check whether files, invoices, records and job photos can be recovered if something goes wrong.
Review old accounts, admin access, shared passwords and contractor access.
Check whether computers, browsers, Office, accounting apps, POS systems and remote access tools are being kept up to date.
Check whether risky Office files, invoices, spreadsheets, supplier documents or attachments could put your business at risk.
Check browser updates, extensions, downloads, password saving, PDF readers, remote access apps and common unsafe app settings.
Prepare a plain-English evidence checklist for insurers, suppliers, clients or tenders.
Turn your answers into a simple action plan: first 3 fixes, this week, this month and later.
Your IT & Tech Mates can help set up two-step login, backups, updates, admin access, safer devices, and a plain-English cyber action plan for your business.
No. This is a practical preparation checklist based on public ASD/ACSC Essential Eight guidance. It is not a formal audit, certification, legal advice, insurance advice or government assessment.
Use it to organise what you may need. Your insurer, client, tender panel or assessor may require their own evidence format.
Treat missing evidence as a prompt to check or set up the basics before answering important cyber questions.