Cybersecuirty Readiness Assessment
Why complete a Cybersecuirty Readiness Assessment
A cybersecurity readiness assessment is a critical evaluation process designed to identify vulnerabilities, assess existing security measures, and ensure an organization’s preparedness against cyber threats. For Canadian financial advisors, regularly completing this assessment is important because it helps safeguard sensitive client information and maintain trust. Given the increasing sophistication of cyberattacks and the stringent regulatory requirements in the financial sector, this assessment allows advisors to proactively address potential weaknesses, adapt to evolving threats, and comply with legal standards. By routinely assessing your cybersecurity posture, you can better protect your clients' assets, enhance your operational resilience, and uphold your professional reputation in a rapidly changing digital landscape.
Advisor Name
*
Email
*
example@example.com
Date Completed
*
-
Month
-
Day
Year
Date
Back
Next
Do you have a formal cybersecurity policy in place?
*
Please Select
Yes
No
In Progress
Where is this document located?
*
Date of last review or update
*
-
Month
-
Day
Year
Date
Is there a designated individual responsible for cybersecurity in your organization?
*
Please Select
Yes, with clear responsiblities
Yes, responsiblities are unclear
No
Name of this individual
Role & Responsiblities
*
Do you perform regular risk assessments to identify cybersecurity threats and vulnerabilities?
*
Please Select
Occasionally
Regularly
No
Frequency of assessments
*
Please Select
Quarterly
Annually
Once every 2 years
Date of last assessment
*
-
Month
-
Day
Year
Date
Are all software and systems updated with the latest security patches and updates?
*
Please Select
Always
Sometimes
No
Please list of all softwares & systems
*
Date of last update
*
-
Month
-
Day
Year
Date
Is multifactor authentication (MFA) implemented for accessing sensitive systems and data?
*
Please Select
Yes
No
Planned Implementation
Please list of all softwares & systems using MFA
*
Do you have a data backup and recovery plan in place?
*
Please Select
Yes
No
Planned Implementation
Date of last data recovery test
*
-
Month
-
Day
Year
Date
Are employee cybersecurity training and awareness programs conducted regularly?
*
Please Select
Regularly
Occassionally
No
Frequency of training
*
Please Select
Quarterly
Annually
Once every 2 years
Date of last training session
*
-
Month
-
Day
Year
Date
Do you have procedures for handling and reporting cybersecurity incidents?
*
Please Select
Yes
No
In progress
Where is this document located?
*
Date of Last Incident Report
*
-
Month
-
Day
Year
Date
Is there a policy in place for secure remote access to your systems?
*
Please Select
Yes
No
In progress
Where is this document located?
*
Date of Last Update
*
-
Month
-
Day
Year
Date
Are access controls in place to limit system access based on user roles?
*
Please Select
Yes
No
Partially
Please describe the Access Control in place
*
Date of Last Review
*
-
Month
-
Day
Year
Date
Do you use encryption to protect sensitive data in transit and at rest?
*
Please Select
Yes
No
Partially
Please describe the types of encryption being used
*
Date of Last Review
*
-
Month
-
Day
Year
Date
Is there a formal process for evaluating third party vendors' cybersecurity practices?
*
Please Select
Yes
No
Partially
Where is this document located?
*
Date of Last Review
*
-
Month
-
Day
Year
Date
Are security measures in place for the disposal and destruction of sensitive information?
*
Please Select
Yes
No
Partially
Please describe the disposal/destruction methods
*
Do you have a documented incident response plan for cybersecurity breaches?
*
Please Select
Yes
No
In Progress
Where is this document located?
*
Date of Last Review
*
-
Month
-
Day
Year
Date
Are there regular audits or assessments of your cybersecurity practices?
*
Please Select
Regularly
Occasionally
No
Frequency of Audits
*
Please Select
Quarterly
Annually
Once every 2 years
Date of Last Audit
*
-
Month
-
Day
Year
Date
Do you have cybersecurity insurance coverage?
*
Please Select
Yes
No
In Progress
Insurance Provider?
*
How much coverage do you have?
*
Do you have a policy for strong password management and regular changes?
*
Please Select
Yes
No
Partially
Where is this document located?
*
Date of Last Update
*
-
Month
-
Day
Year
Date
Are physical security measures in place to protect sensitive information (e.g., secure access to offices,server rooms)?
*
Please Select
Yes
No
Partially
Please describe the measures in place
*
Is there a policy and system for managing and securing mobile devices used for work?
*
Please Select
Yes
No
In Progress
Where is this document located?
*
Date of Last Review
*
-
Month
-
Day
Year
Date
Do employees receive training on recognizing and responding to social engineering attacks (phishing, vishing etc.)
*
Please Select
Regularly
Occasionally
No
Frequency of Training
*
Please Select
Quarterly
Annually
Once every 2 years
Date of Last Training Session
*
-
Month
-
Day
Year
Date
Match your score to a Readiness Profile
Your Readiness Profile Score Is:
Based on your Readiness Profile Score, please indicate which profile applies to you:
*
(1-14) Significant Improvements Needed
(15-28) Some improvements Required
(29-40) Strong Cybersecurity Posture
Back
Next
Collection of Information Disclaimer
At The Gryphin Advantage Inc., we understand that the privacy of our clients' data is of the utmost importance. We are committed to protecting the confidentiality of any personal, financial, or business-related information that is shared with us during the course of our services. We will only use this information for the purpose of providing our services to the client and will not disclose it to any third parties without the express written consent of the client. We have implemented appropriate technical and organizational measures to ensure the security and protection of our clients' data. If you have any questions or concerns about the privacy of your data, please don't hesitate to contact us.
Submit
Should be Empty: