Business Cyber Safety Action Plan
This is a practical self-check, not a formal Essential Eight assessment, audit or certification.
Start with the self-check, then record only general priority categories here. Do not enter passwords, security codes, bank details or private customer information.
1. Protect accounts
MFA, Microsoft 365, admin access, suspicious sign-ins and email compromise.
2. Protect money
Changed bank details, fake invoices, supplier verification and two-person payment approval.
3. Protect data
Backups, recovery readiness, device updates and unsupported software.
4. Protect staff
Staff access, phishing habits, risky attachments and safer browsing.
