You can always press Enter⏎ to continue
Complimentary risk score assessment
How mature is your information governance?
START
1
Name
*
This field is required.
First Name
Last Name
Previous
Next
Submit
Press
Enter
2
Email
*
This field is required.
example@example.com
Previous
Next
Submit
Press
Enter
3
Phone Number
*
This field is required.
Please enter a valid phone number.
Previous
Next
Submit
Press
Enter
4
Company
*
This field is required.
Please enter your company name
Previous
Next
Submit
Press
Enter
5
Postcode
*
This field is required.
Example: 2000
Previous
Next
Submit
Press
Enter
6
Do you have a current inventory of the systems where your organisation’s information is stored?
*
This field is required.
Fully maintained and continuously updated
Mostly maintained, reviewed periodically
Partially documented
Ad hoc or outdated
Unsure
Previous
Next
Submit
Press
Enter
7
How confident are you in understanding what sensitive or high-risk data exists within those systems?
*
This field is required.
High confidence - automated insight and reporting
Moderate confidence - some tooling or reviews
Limited confidence - manual checks only
Low confidence - little to no visibility
Unsure
Previous
Next
Submit
Press
Enter
8
When was your retention and disposal schedule last reviewed?
*
This field is required.
Within the last 12 months
1–3 years ago
More than 3 years ago
We have one, but it’s not actively used
We don’t have a formal schedule/ Unsure
Previous
Next
Submit
Press
Enter
9
How are retention and deletion policies enforced across your systems?
*
This field is required.
Fully automated and enforced across all systems
Mostly automated, some manual steps
Partially enforced in selected systems
Manual or ad hoc
Not enforced / Unsure
Previous
Next
Submit
Press
Enter
10
Are records managed in place or moved into a central repository?
*
This field is required.
Managed in place across all systems
Mostly in place, some centralisation
Mixed approach
Mostly centralised
Unsure
Previous
Next
Submit
Press
Enter
11
Do you perform defensible disposal with audit evidence?
*
This field is required.
Yes - automated with full audit logs
Mostly automated with some manual approvals
Manual disposal with limited evidence
Rarely dispose of data
Never / Unsure
Previous
Next
Submit
Press
Enter
12
Can you apply a legal hold across key systems to prevent deletion when required?
*
This field is required.
Yes - automated and enforced across systems
Supported in some systems or manually
Mostly manual and slow
Not supported
Unsure
Previous
Next
Submit
Press
Enter
13
How prepared are you to respond to information access / privacy requests (e.g., FOI/RTI/DSAR)?
*
This field is required.
Very prepared - fast and repeatable
Prepared, but time-consuming
Limited - largely manual
Not prepared
Unsure
Previous
Next
Submit
Press
Enter
14
Can you identify where personal or sensitive information exists across your systems?
*
This field is required.
Yes - automated detection and reporting
Mostly - key systems covered
Partially - manual searches
No
Unsure
Previous
Next
Submit
Press
Enter
15
If a data breach occurred tomorrow, how confident are you in understanding what data was impacted?
*
This field is required.
Very confident - near real-time insight
Moderately confident - with investigation
Limited confidence
Not confident
Unsure
Previous
Next
Submit
Press
Enter
16
Is your organisation currently using or planning to use AI tools (e.g. Copilot, ChatGPT, internal AI)?
*
This field is required.
Already in use
Planning within 12 months
Exploring
No plans
Unsure
Previous
Next
Submit
Press
Enter
17
Do you control what data is allowed to be used in AI tools?
*
This field is required.
Yes - governed, filtered datasets only
Some controls in place
Policy-based only
No controls
Unsure
Previous
Next
Submit
Press
Enter
18
Do you have an approved AI use policy and process (approved tools, permitted data, exceptions)?
*
This field is required.
Yes - policy, approvals and monitoring
Policy exists, limited enforcement
Informal guidance only
No
Unsure
Previous
Next
Submit
Press
Enter
19
What information governance challenges are currently most significant for your organisation?
*
This field is required.
Select all that apply
Privacy and compliance risk
Retention and disposal enforcement
FOI / access request response times
Data sprawl across systems
AI risk
Audit or regulatory pressure
Storage and cost growth
Unsure
Previous
Next
Submit
Press
Enter
20
Do you have upcoming audits, regulatory deadlines or transformation initiatives driving urgency?
*
This field is required.
Yes - within 6 months
Yes - within 12 months
Possibly
No
Unsure
Previous
Next
Submit
Press
Enter
21
Do staff receive regular guidance/training on handling sensitive information and retention?
*
This field is required.
Yes - formal training at least annually
Some training, inconsistent uptake
Ad hoc guidance only
No
Unsure
Previous
Next
Submit
Press
Enter
22
Which systems are used to store or manage information in your organisation?
*
This field is required.
Select all that apply
Network drives
Microsoft 365 (SharePoint, OneDrive, Teams)
Email / Exchange
CRM (e.g. Salesforce)
Service management (e.g. ServiceNow)
Cloud platforms (AWS, Azure, GCP)
ERP / HR (SAP, Workday, Oracle)
Collaboration tools (Slack, Box, Google Workspace)
Other / Unsure
Previous
Next
Submit
Press
Enter
Should be Empty:
Question Label
1
of
22
See All
Go Back
Submit
