Cyber risk assessments and tools for Australian organisations
Self-service gap scans that turn into board-ready reports. Essential Eight, APRA CPS 234, and privacy maturity — assess yourself, get your score, download your documentation.
As seen in the frameworks used by: ACSC · OAIC · APRA · Center for Internet Security
4
Free tools
~20 min
Per assessment
100%
Australian-focused
None
No account required
Yes
Built in Australia
Used by IT managers, business owners, and operations teams across Australian SMBs.
How it works
How the Essential Eight Assessment Works
Pick your framework
Choose the compliance or security framework most relevant to your situation — insurance renewal, privacy obligations, client requirements, or international controls.
Take the assessment
Answer plain-English questions about your current controls. No account required. On the free tier, nothing leaves your browser.
Get your score and act
Receive an instant maturity rating with a prioritised gap analysis. Download a report or generate tailored policies ready to present to your board or auditor.
Essential Eight Reports and Policy Templates
Start with a free self-assessment. Upgrade to a board-ready report or policy bundle whenever you need it.
Essential Eight Board Report
Instant score plus a downloadable ML1/ML2 gap report, remediation roadmap, and policy templates. From $99.
View reportCyber Insurance Readiness Pack
Controls documentation, evidence pack, and insurer-presentation summary. Built from your assessment answers. From $99.
View packPrivacy Maturity Report
OAIC-aligned privacy maturity score plus policy templates and audit-ready documentation. From $49.
View reportThe suite
Four tools. Every angle covered.
EssentialScore
Essential Eight Compliance
Assess your cybersecurity maturity against the ACSC Essential Eight framework. Recommended for all Australian SMBs.
- 71-question assessment
- Maturity Level 1 & 2
- 14 policy templates
- PDF report
CISScore
CIS Controls v8.1 Assessment
Measure your security posture against the internationally recognised CIS Controls framework. Ideal for businesses with international clients or ISO 27001 aspirations.
- CIS IG1 controls
- Implementation Groups
- Gap analysis
- Remediation guidance
PrivacyScore
Privacy Act 1988 Compliance
Check your compliance with the Australian Privacy Act and Australian Privacy Principles. Essential for any business handling personal information.
- 13 Privacy Principles
- Notifiable data breaches
- Privacy policy generator
- Risk assessment
CyberInsureReady
Cyber Insurance Readiness
Find out if your business qualifies for cyber insurance — and at what premium tier. Identify gaps before your next renewal to avoid claim disputes.
- 20-question assessment
- Insurability rating
- Premium tier estimate
- Readiness report
Compare
Which tool covers what?
| Domain | EssentialScore | CISScore | PrivacyScore | CyberInsureReady |
|---|---|---|---|---|
| Patch management | ✓ | ✓ | — | ✓ |
| Multi-factor authentication | ✓ | ✓ | — | ✓ |
| Backups & recovery | ✓ | ✓ | — | ✓ |
| Endpoint & network security | ✓ | ✓ | — | ✓ |
| Email & phishing protection | — | ✓ | — | ✓ |
| Access control & identity | ✓ | ✓ | — | ✓ |
| Incident response | — | ✓ | — | ✓ |
| Application control | ✓ | ✓ | — | — |
| Privacy obligations (APPs) | — | — | ✓ | — |
| Data breach notification | — | — | ✓ | — |
| Consent & data handling | — | — | ✓ | — |
| Insurance insurability score | — | — | — | ✓ |
Why CyberPosture
Why Australian SMBs Choose CyberPosture
Privacy-first
The free tier runs entirely in your browser. No answers stored server-side, no account, no tracking.
Built for Australia
Frameworks and language aligned to ACSC, OAIC, and Australian insurers — not adapted from US-centric tools.
Under 30 minutes
Each assessment is designed for busy IT managers. Comprehensive coverage without wasting your afternoon.
Actionable results
Not just a score — a prioritised gap analysis and an optional policy bundle you can act on immediately.
For MSPs
Run assessments across your entire client base.
Each tool is free to use with any client — no per-seat licensing, no vendor contracts. Use them to qualify prospects, identify gaps before an engagement, or deliver a compliance snapshot as part of your onboarding. White-label options are available. Contact us to discuss.
- Instant gap analysis ready to present to the client
- White-label options available — contact us
- Works across professional services, finance, retail and more
- No account or setup required per client
Not sure where to start?
My insurer is asking about cybersecurity controls — where do I start?
Start with EssentialScore
Am I handling customer personal data correctly?
Start with PrivacyScore
Am I renewing my cyber insurance soon?
Start with CyberInsureReady
Do I want to follow international security best practices?
Start with CISScore
All four tools are free to use. Run all of them for a complete picture of your cyber posture.
All four tools in one purchase
- ✓EssentialScore — Essential Eight maturity report + 14 security policies
- ✓CISScore — CIS Controls v8.1 policy bundle + remediation guidance
- ✓PrivacyScore — Custom Privacy Act policy + data breach guide
- ✓CyberInsureReady — Insurance readiness report + insurability rating
One-time · Instant access
Need help?
Debra Scott
Cyber Security Advisor
Debra has spent over a decade helping Australian businesses understand and improve their security posture. She works directly with IT managers, business owners, and operations teams to make sense of assessment results and identify the right next steps. If you have questions about your score, your documentation, or which tool is right for your situation — Debra is the right person to ask.
Contact DebraQuestions? Ask Debra.
Cyber Security Advisor
For product questions, billing, or help with your assessment results — reach out directly.
Send Debra an emailGet your complete cyber posture picture.
Four frameworks. Four free assessments. One clear view of where your business stands — and what to fix first.