CONFIDENTIAL — Information collected in this form is intended solely for SECANTA and the named client organization. Data will be used exclusively for security advisory scoping.
01 Organization Identification
02 Primary Point of Contact
Technical / IT Contact (if different)
03 IT Environment Overview
Microsoft 365
Google Workspace
Azure / Entra ID
AWS
On-Prem Active Directory
VPN / Remote Access
04 Current Security Posture
Antivirus / EDR
Firewall (managed)
MFA everywhere
Email security / filtering
SIEM / log monitoring
Backup solution
Security awareness training
Vulnerability scanning
Incident response plan
None of the above
Yes
No
Unsure
05 Data & Asset Classification
Customer PII
Financial / payment data
Health / PHI records
Intellectual property
Employee HR data
Government / CUI
06 Compliance & Regulatory Context
PCI DSS
SOC 2
CMMC / DoD
State Privacy Law
Cyber Insurance req.
FTC Safeguards Rule
None currently known
Yes
No
In process
07 Third Parties & Remote Access
Yes
No
All Remote
Hybrid
On-Site Only
08 Engagement Goals & Scope
Build security program from scratch
Improve existing posture
Customer/partner requirement
Qualify for cyber insurance
Respond to recent incident
Risk assessment / gap analysis
Penetration testing / red team
Ongoing vCISO / advisory
Immediate (<30d)
1–3 months
3–6 months
6+ months
09 Authorization & Signature
By signing below, the authorized representative confirms that the information provided is accurate and authorizes SECANTA to use it solely for delivering professional security advisory services.
AUTHORIZED SIGNATURE
FOR SECANTA USE ONLY | Client ID: _____________ | Received By: _____________ | Date Received: _____________
