Effective Solutions. Protecting Businesses.

Cyber Security Questionnaires

Since the introduction of the GDPR requirement that data controllers must assess the security of their data processors, organisations have been requiring their key suppliers to complete a security questionnaire. With the increase in the number of ransomware attacks, including some high-profile incidents, many business insurance providers require companies to carry out assessments of their suppliers in order to obtain assurance.  This has escalated the demand to complete security questionnaires to include all suppliers, not only data processors.  

Businesses, Government and Local Authorities now require the completion of their security questionnaires as part of their procurement process and in some cases these questions can run into hundreds of questions. Also, their “one-size fits all” approach results in a small supplier of business services having to complete the same questionnaire as an outsourced HR or IT provider.  For small businesses these questionnaires can be daunting, time consuming and even an entry barrier to new business. 

We have helped numerous SME businesses respond to security questionnaires, as part of the tendering process and be accepted as suppliers. We have completed the security questionnaires, providing details of why questions are not relevant or appropriate and explained what security controls are in place and how they manage the risk.  Where required we have produced appropriate supporting collateral such as a security policy, risk assessment or other documentation. 

Where companies are regularly receiving a lot of security questionnaires, we have provided a framework of model answers to allow the company to respond to the questionnaires themselves. 

Testimonials

“In addition to supporting our ISO27001 certification AJ Security Consulting provide our DPO and CISO service. This includes responding to the numerous security and privacy questionnaires we receive from our clients and attending any follow-up calls. In addition to responding directly to the questionnaires, AJ Security Consulting have produced model answers to allow our staff to respond to the questionnaire.”

COO Qualification Check

“AJ Security Consulting helped us identify the appropriate Microsoft security tools, the security configurations and provided advice on the implementation and monitoring requirements.”

CIO Lloyds Pharmacy Healthcare Services.

“AJ Security Consulting has provided support to our ISO2001 Certification since 2019. They produced all our initial security documentation, selected the certification body, and provided assistance during the initial certification audit. Since then, AJ Security Consulting has provided ISO27001 advice and carried out the annual Internal Audits, more recently they carried out the ISO27001:2022 gap analysis to support our migration to the new standard”.

Director HJS Technology.

“AJ Security Consulting has provided GDPR support to AE Tuition since 2018. They produced all our initial Privacy documentation, provided updates, carried out due diligence assessments of our data processors and are always available to answer questions and provide advice.”

Business Operations Manager AE Tuition.

“AJ Security Consulting delivered our Privacy training and identified what we needed to do to comply with the GDPR. The training was exactly what we needed as a small organisation – informative, relevant and concise. They simplified a complex subject and provided a clear plan of what we need to do next.”

Salisbury Area Music Co-operative | 2017

“AJ Security developed our information security policy framework and helped us achieve ISO27001:2013 Certification, they also helped us recruit a permanent Information security manager.”

Rajesh Gupta CFO The Northview Group |2016

“AJ Security Consultants helped develop our information security risk assessment process and standard. He provided a wide range of pragmatic security advice and has always been available to answer questions and offer advice.”

Jon Cheyne IT Director Victoria and Albert Museum | 2015
Contact us