Skip to content
Archived content. You are viewing v1 of SME Digital Advisor — the original multi-section site (risks, scenarios, policies, OWASP, flashcards). Go to current site →

When you're being asked a question

Answer with confidence.

For most established SMEs, the trigger to think hard about cyber isn't a fear of what could go wrong — it's a question from outside. A customer wants evidence. An insurer wants a form filled in. The board wants a quarterly view. M&A is on the horizon. Pick the one that fits and you'll find the right page, in the right order, with a credible answer.

M&A / investor

We're in due diligence (sell-side or buy-side)

IT and data are usually the costliest unknowns in a deal. Clean answers compress diligence and protect valuation.

Where to start

A pattern that helps

Build the evidence pack once. Reuse it everywhere.

Most stakeholder questions overlap. The same evidence answers a customer questionnaire, an insurer's renewal form, a board update, a procurement check, and most of an M&A IT data room. Build the pack once — signed policies, an incident response plan, a data map, a tools register, MFA / backup / training evidence — and your answer time drops from a week to an afternoon.

See Policies & starters for the building blocks, or Your role for who in the business owns each.