Financial Planning Practice Cyber Security Health Check — Self-Assessment Tool

Your clients trust you with their complete financial picture. Are you protecting it?

As a financial adviser operating under an AFSL, you hold investment portfolios, superannuation details, insurance records, and deeply personal financial information. ASIC expects licensees and authorised representatives to maintain adequate risk management systems, the FASEA Code of Ethics demands you act with integrity, and the Privacy Act requires you to protect personal information. Get it wrong and you face ASIC enforcement action, OAIC investigations, financial penalties, mandatory breach notifications, and the kind of reputational damage that destroys client relationships built over years.

This Health Check gives you a clear picture of where your practice stands — and a practical action plan to close the gaps. No IT background needed.

Built for financial planners, not IT professionals:

Every question is written in plain, everyday English. Technical terms include built-in hover tooltips that explain them simply, and the companion user guide explains the intent behind every question so you always understand what's being asked and why.

When you're done, the tool generates a clear, easy-to-follow action plan tailored to your practice. Each recommendation tells you what the gap is, what to do about it, how urgent it is, and roughly how much time and money it will take — automatically sorted by priority. No guesswork, no generic advice — just practical steps based on your actual answers.

What's included:

1. Self-Assessment Tool (HTML file) An interactive assessment covering 12 key security areas across 66 questions, purpose-built for how financial planning practices actually work:

→ Passwords & Access — Are licensee portals, financial planning software, and client files properly secured? → Backups & Recovery — Could you recover client data after ransomware or hardware failure? → Staff Awareness — Do your team know how to spot phishing and report security concerns? → Your Data — Are client portfolios and financial records handled in line with the Privacy Act? → Incident Response — Do you know what to do if client data is compromised? → Suppliers & Services — Are your IT providers, platform providers, and software vendors covered? → Plus six more domains covering updates, security software, device security, network protection, secure configuration, and leadership planning.

2. User Guide & Question Reference (Word document) A comprehensive companion guide including:

→ Step-by-step instructions for navigating the assessment and using all features → Tips for answering accurately — what "Yes" really means and how to think about evidence → How to interpret your results — understanding your score, readiness level, and priority actions → How to use the Word and Excel exports for compliance, insurance, and IT provider discussions → Full question reference guide — every question explained with "Why This Matters" context and "Evidence to Look For" indicators

What you get when you complete the assessment:

✔ Overall security score with a clear readiness rating

✔ Visual dashboard with category-by-category breakdown

✔ Prioritised action plan — personalised to your answers, sorted by urgency, with estimated time and cost

✔ Specific, actionable recommendations written in plain language

✔ Exportable Word report — ready to share with licensees or insurers

✔ Exportable Excel workbook with incident response contacts and step-by-step checklist

✔ Australian-focused — references ASIC, AFSL, FASEA Code of Ethics, OAIC, ACSC, Privacy Act, and Notifiable Data Breaches scheme

Who is this for?

• Sole practitioner advisers wanting to protect their clients and their practice
• Practice principals looking to benchmark their security practices
• Firms preparing for ASIC compliance reviews, licensee audits, or cyber insurance applications
• Authorised representatives wanting to demonstrate due diligence
• Anyone handling client financial data — regardless of technical ability

How it works:

Download both files — open the HTML file in any modern browser and keep the user guide handy. Answer the questions honestly, and the tool does the rest. No installation, no software, no cloud account required. Your data stays on your device.

Built by CyberAssure — practical cyber security tools for Australian businesses.