Security to a Standard

Easier decisions for businesses around Cyber Security.

Just select the level you need.

Cybersecurity is crucial for small and medium size businesses because they are often targets of cyber-attacks. Good cybersecurity practices help protect sensitive data, ensure business continuity, and build trust with customers and partners. SMB1001 is a practical and measurable way to achieve it.

Key Benefits

  • Businesses can certify their level of security compliance to promote themselves to customers and reassure the customers of their security as a supplier.

  • The certification can also be supplied to insurance companies when requesting quotes, to demonstrate lower risk.

  • Low cost, starting at $95ex for a year.

Standards compared

This standard scales as a fit-for-purpose solution for any sized business.

Global cyber standards such as ISO 27001 take about 4 to 6 years to refresh whereas SMB1001 is refreshed annually to meet evolving security requirements.

SMB1001 is mapped to the cyber.gov.au Essential 8 and to ISO 27001.

A simpler way to Cyber Security certification.

No one starts with a black belt! Businesses can start with a coloured belt at thier level of maturity and work towards the black belt ISO 27001.

Progressing through the levels

At Level 1, Bronze, the focus is on establishing basic cyber security controls emphasising baseline prevention. Moving to Silver, more advanced prevention controls are added, increasing the maturity of the organisation's cyber security.

From there, Gold level focuses on maturing an organisation from a technology-focused defence strategy to a whole of business cyber risk management approach that include people, processes, and technology.

Levels 4 and Level 5 continue to increase the maturity of the organisation's cyber risk management program that incorporates strong governance procedures, advanced risk management practices, and best practice technical controls, such as cyber insurance, penetration testing and vulnerability assessments.

Within each level, there are several controls relating to:

  • technology management

  • access management

  • backup and recovery

  • policies, processes and plans; and

  • education and training.

Each of these areas is developed considering the common elements in existing cyber security guidelines and recommendations. These areas and their supporting controls also address common gaps, and the "essential" controls recognised in existing industry surveys.

Certificates are available at each level

Our managed support customers get bronze level included with their base level of support.

Some already have ISO 27001 and we encourage all customers to get at least gold level.

If you like a 2-hour meeting to explain the SMB1001 standard and do an interview-based assessment. Followed by a report then the price is $500ex GST.