Mortgage Broker Cyber Security Health Check
You handle your clients' most sensitive financial information. Are you protecting it?
As a credit representative under your aggregator's Australian Credit Licence, you're obligated to protect client data. Get it wrong and you face regulatory investigations, financial penalties under the Privacy Act, mandatory breach notifications, loss of client trust, and your authorisation at risk.
This Health Check gives you a clear picture of where your brokerage stands — and a practical action plan to close the gaps. No IT background needed.
Built for brokers, not IT professionals:
Every question is written in plain, everyday English. Technical terms include built-in hover tooltips that explain them simply, and the companion user guide explains the intent behind every question so you always understand what's being asked and why.
When you're done, the tool generates a clear, easy-to-follow action plan tailored to your brokerage. Each recommendation tells you what the gap is, what to do about it, how urgent it is, and roughly how much time and money it will take — automatically sorted by priority. No guesswork, no generic advice — just practical steps based on your actual answers.
What's included:
1. Self-Assessment Tool (HTML file) An interactive assessment covering 12 key security areas across 70 questions, purpose-built for how mortgage brokers actually work:
→ Passwords & Access — Are lender portals, CRMs, and client files properly secured? → Backups & Recovery — Could you recover client data after ransomware or hardware failure? → Staff Awareness — Do your team know the red flags for BEC scams and settlement fraud? → Your Data — Are you handling borrower information in line with the Privacy Act? → Incident Response — Do you know what to do if client data is compromised? → Suppliers & Services — Are your IT providers, aggregators, and conveyancers covered? → Plus six more domains covering updates, security software, device security, network protection, secure configuration, and leadership planning.
2. User Guide & Question Reference (Word document) A comprehensive companion guide including:
→ Step-by-step instructions for navigating the assessment and using all features → Tips for answering accurately — what "Yes" really means and how to think about evidence → How to interpret your results — understanding your score, readiness level, and priority actions → How to use the Word and Excel exports for compliance, insurance, and IT provider discussions → Full question reference guide — every question explained with "Why This Matters" context and "Evidence to Look For" indicators
What you get when you complete the assessment:
✔ Overall security score with a clear readiness rating ✔ Visual dashboard with category-by-category breakdown ✔ Prioritised action plan — personalised to your answers, sorted by urgency, with estimated time and cost ✔ Specific, actionable recommendations written in plain language ✔ Exportable Word report — ready to share with aggregators or insurers ✔ Exportable Excel workbook with incident response contacts and step-by-step checklist ✔ Australian-focused — references OAIC, ACSC, Privacy Act, and Notifiable Data Breaches scheme
Who is this for?
- Sole operators wanting to protect their clients and their business
- Brokerage principals looking to benchmark their security practices
- Brokers preparing for aggregator compliance reviews or cyber insurance applications
- Credit representatives wanting to demonstrate due diligence
How it works:
Download both files — open the HTML file in any modern browser and keep the user guide handy. Answer the questions honestly, and the tool does the rest. No installation, no software, no cloud account required. Your data stays on your device.
Built by CyberAssure — practical cyber security tools for Australian businesses.