Certified Small Business Health Check
About the Check
The certified small business health check involves a CREST ANZ approved service provider performing a cyber security test on your devices.
The test is based on a highly respected Australian standard called the Essential Eight, developed by the Australian Signals Directorate to help Australian businesses.
The test will assess your how your business is protected from common cyber security risks and identify items that may need attention. The service provider will offer some recommendations for fixing the important items.
The test will be the same for all small businesses, but vary in price depending on the number of devices to be tested.
HOW IT WORKS
To get the most out of your health check, get organised with your service provider beforehand.
What you might want to do prior to the day
- Figure out how many devices you want checked and make a booking on this website.
- Tell us the postcode where the check will take place and select your service provider.
- Confirm a date and time with the service provider and understand their plans.
- Let your team know what is happening and organise their participation.
- Check your eligibility for a small business government grant at Business.gov.au.
The service provider will install health check testing software on your devices.
Things to remember on the day are:
- Make sure that all devices being checked are available, unlocked and usable.
- Agree the time available and complete the check within that time to avoid extra costs.
- Some checks will be done by the computer; others will be a questionnaire you complete with the service provider.
- You will receive two results reports. The first gives an overview of what the check found and lists the highest priority items. The second report is technical, for use in fixing any problems.
Once the check is finished, your service provider will complete the paperwork and steps required before you can apply for a grant.
- Your service provider will upload a summary of your check results to CREST ANZ. If you have questions about this step, please talk with your service provider or contact CREST ANZ directly on [email protected]
- Once we receive and confirm the upload, we will email you a uniquely numbered small business health check certificate.
- The service provider will invoice you. Your unique certificate number must be clearly shown on the service provider’s invoice. This is a condition of the grant.
- You pay the invoice and receive a receipt or other valid proof of payment from the service provider. This proof of payment is also a condition of the grant and must be included in your grant application.
If you are applying for a government grant, we recommend doing this as soon as possible after the check is completed. For more detail on how to apply please review the the Cyber Security Small Business Guidelines, the sample application form and the sample grant agreement published on business.gov.au
- If you know someone who looks after computers and systems, ask them for help.
- Ask you service provider if they fix problems or can recommend someone.
- Ask people in your local area who they would recommend.
- Talk with a company that specialises in helping small business such as Geeks2U.
WHAT’S IN THE TEST
The certified small business health check is based on the Australian Government’s Essential Eight list of mitigation strategies to help protect against a range of cyber security threats. The health check has been customised for small business and the cyber threats they are most concerned about.
CREST SERVICE PROVIDERS
CREST membership uniquely combines approval at a company level with certification at the individual tester level. This provides two layers of assurance that your service provider and tester understand cyber security and can identify potential risks.
- Understand your needs and know how to deliver for small business
Highly respected by customers and peers
- Passed scrutiny to become an approved CREST ANZ Member
- Expert at cyber security testing for devices and Apps
Employ testing teams with CREST certificated individuals