Skip to main content
Back to Shop
Cyber Risk Checklist preview
DIGITAL TEMPLATE

Cyber Risk Checklist

Single Excel checklist — 120 controls mapped to NIS2, Cyber Essentials and ISO 27001 with RAG status and evidence tracking. The checklist only.

NIS2Cyber-EssentialsISO-27001checklistrisk-managementISO-27001-2022

📋 KNOW YOUR RISK IN 15 MINUTES — THE STARTING POINT FOR EVERY CYBER JOURNEY

Most businesses cannot answer the question "how secure are we?" The answer matters: cyber insurers ask it, enterprise customers ask it, NIS2 requires it, and boards need it. This checklist gives you a defensible answer in 15 minutes — covering the 25 controls that determine 90% of your risk posture.

Cyber Risk Checklist — 25 Controls, 15 Minutes, Actionable Score

Not a questionnaire that produces a vague report. Each of the 25 controls is scored Pass/Partial/Fail with a specific remediation action. The result is a numbered risk score you can track over time, share with insurers, and use as the starting point for Cyber Essentials, ISO 27001, or NIS2 compliance.

  • 25 Critical Controls: MFA, patching, backup, email security, endpoint protection, access control, encryption, incident response — the controls that matter most
  • Pass/Partial/Fail Scoring: Each control assessed with clear criteria — no ambiguity about what "good" looks like
  • Risk Score (0–100): Composite score tracking your overall security posture — comparable over time
  • Priority Remediation List: Top 5 actions that will improve your score the most — effort vs impact ranked
  • Cyber Essentials Alignment: Score mapped to Cyber Essentials v3.1 readiness — know if you would pass today
  • Board Summary: One-page executive summary of your risk posture — for directors, investors, or insurers
  • Quarterly Re-Assessment: Track improvement over time — evidence of continuous security improvement for regulators
  • Insurer-Ready Export: Risk posture summary formatted for cyber insurance applications — supports premium reduction

💷 THE MATHS

£29 one-time. Security risk assessment by consultant: £2,000–5,000. Cyber insurance questionnaire preparation: £500–1,000. Not knowing your risk posture: priceless (in the worst way). 15 minutes to understand where you stand — then decide what to do about it.

📋 ISO 27001:2022 TRANSITION

ISO 27001:2013 certifications expired 31 October 2025. All organisations must now operate under ISO 27001:2022, which adds 11 new controls including threat intelligence, cloud security, data masking, and secure development. This product's controls are mapped to the 2022 standard.

📦 Delivery & deliverables

  • Turnaround: assessment delivery within 36 business hours after intake completion. Multi-jurisdiction packages: up to 5 business days.
  • Sample output: a redacted sample deliverable (report + appendices) is available on request — email [email protected] with the product name.
  • Revision & satisfaction: one round of revisions included; if the deliverable does not meet the agreed brief, full money-back refund within the 14-day window.

£49.00

One-time payment · No VAT (not registered)

Delivery: Instant on payment
Refund: 14-day satisfaction guarantee
Instant download after payment
UK GDPR compliant
Secure checkout via Stripe
Not VAT registered — no VAT charged

Trust & Delivery

ICO registered ZC112810

UK Information Commissioner's Office data controller registration.

Companies House 16419201

SummitBridge Horizon Ltd — registered 30 April 2025, London.

14-day satisfaction guarantee

See refund policy for full terms.

Sample materials available

Request a sample

Compare with the market

2 direct and adjacent competitors tracked.

VendorTheir priceThreatvs SBHTheir advantagesOur advantages
IT Governance UK

GB

£800+ per assessmentHIGHpricierBrand · ISO pedigree£49 one-off · Actionable
ISMS.online

GB

£5,000+ /yrMEDIUMpricier

Compliance Snapshot

Regulatory posture for this product — for procurement and security teams.

General-purpose (limited- or minimal-risk)

Conformity scaffold in place — formal record not yet published