Certified Small Business Health Check

About the Check

The certified small business health check involves a CREST ANZ approved service provider performing a cyber security test on your devices.

The test is based on a highly respected Australian standard called the Essential Eight, developed by the Australian Signals Directorate to help Australian businesses.

The test will assess your how your business is protected from common cyber security risks and identify items that may need attention. The service provider will offer some recommendations for fixing the important items.

The test will be the same for all small businesses, but vary in price depending on the number of devices to be tested.

Book a Health Check

Call Centre
13 28 46

Online
businesss.gov.au

AusIndustry has people ready to answer your questions.

HOW IT WORKS

To get the most out of your health check, get organised with your service provider beforehand.

What you might want to do prior to the day
  • Figure out how many devices you want checked and make a booking on this website.
  • Tell us the postcode where the check will take place and select your service provider.
  • Confirm a date and time with the service provider and understand their plans.
  • Let your team know what is happening and organise their participation.
  • Check your eligibility for a small business government grant at Business.gov.au.

The service provider will install health check testing software on your devices.

Things to remember on the day are:
  • Make sure that all devices being checked are available, unlocked and usable.
  • Agree the time available and complete the check within that time to avoid extra costs.
  • Some checks will be done by the computer; others will be a questionnaire you complete with the service provider.
  • You will receive two results reports. The first gives an overview of what the check found and lists the highest priority items. The second report is technical, for use in fixing any problems.

Once the check is finished, your service provider will complete the paperwork and steps required before you can apply for a grant.

  • Your service provider will upload a summary of your check results to CREST ANZ. If you have questions about this step, please talk with your service provider or contact CREST ANZ directly on [email protected].
  • Once we receive and confirm the upload, we will email you a uniquely numbered small business health check certificate.
  • The service provider will invoice you. Your unique certificate number must be clearly shown on the service provider’s invoice. This is a condition of the grant.
  • You pay the invoice and receive a receipt or other valid proof of payment from the service provider. This proof of payment is also a condition of the grant and must be included in your grant application.

If you are applying for a government grant, we recommend doing this as soon as possible after the check is completed. For more detail on how to apply please review the the Cyber Security Small Business Guidelines, the sample application form and the sample grant agreement published on business.gov.au 

  • If you know someone who looks after computers and systems, ask them for help.
  • Ask you service provider if they fix problems or can recommend someone.
  • Ask people in your local area who they would recommend.
  • Talk with a company that specialises in helping small business such as Geeks2U.

WHAT’S IN THE TEST

The certified small business health check is based on the Australian Government’s Essential Eight list of mitigation strategies to help protect against a range of cyber security threats. The health check has been customised for small business and the cyber threats they are most concerned about.

Application Updates and Patching

Fixes abnormalities (bugs) and improves usability and performance.

Microsoft Office Macro Settings
Can increase cyber risk and should be disabled if not needed.
User Applicaton Hardening
Disables or removes settings or apps that are not needed to help reduce risk.
Restricted Administration Privileges
Limit users to the minimum access needed to perform in the business.
Operating System Patching
Ensure computers have the latest security updates.
Multi-factor Authentication
Using a combination of two or more ways to sign in each time.
Daily Backups
Helps ensure all information is not lost in an attack.
Trusted Applications
Stops non-approved apps being used.
Maleware / Virus Scans

Both types are needed to scan your computers.

Mobile / BYOD
Ensure policies are in place to reduce security risks.

CREST SERVICE PROVIDERS

CREST membership uniquely combines approval at a company level with certification at the individual tester level. This provides two layers of assurance that your service provider and tester understand cyber security and can identify potential risks.

  • Understand your needs and know how to deliver for small business

  • Highly respected by customers and peers

  • Passed scrutiny to become an approved CREST ANZ Member
  • Expert at cyber security testing for devices and Apps

  • Employ testing teams with CREST certificated individuals

Getting Started is Easy

TAKE A CERTIFIED SMALL BUSINESS HEALTH CHECK
Book now and be in touch with a trusted provider in minutes