Free Self-Check · 10 Questions

Can You Pass a Client Security Questionnaire?

10 yes/no questions on the controls clients are asking about in 2026. Instant grade. No email required.

01 MFA is enforced on email, file storage, and remote access.
02 Laptops are encrypted (BitLocker or FileVault) and centrally enforced.
03 You can produce a current list of every SaaS app holding client data.
04 Backups of client matter files and email are tested for restore.
05 Email has phishing-resistant controls (DMARC enforced, impersonation protection).
06 Staff get security awareness training and phishing simulations at least once a year.
07 Access to client data is reviewed quarterly.
08 There's a documented incident response plan with breach notification timelines.
09 The firm has cyber liability insurance in force.
10 You have a written information security policy you could hand a client on request.

Want a deeper look?

A 30-minute scope call + external scan (no install) + written report is the fastest way to turn this into specific fixes.