Do not lose your biggest contract because you cannot answer a security questionnaire.
Your client has sent a security questionnaire. You have a deadline. CyberCraft reviews it, assesses it against your current controls, and delivers a completed, accurate response — with a supporting evidence pack — in two to three weeks.
"A new enterprise client sent us a 45-question security questionnaire as part of vendor onboarding. We can't answer most of it honestly."
Enterprise vendor questionnaires are increasingly detailed. Answering what you don't have creates liability. CyberCraft answers what you do have — accurately.
"We're bidding on a government tender that requires us to complete an ASD cybersecurity questionnaire. We don't know where to start."
ASD questionnaires have specific control language. CyberCraft has completed hundreds of them — we know what each question is actually asking.
"A large client is threatening to remove us from their approved vendor list unless we can demonstrate our security controls."
Vendor list removal is a real commercial consequence. A completed questionnaire with evidence stops the clock.
"Our cyber insurer sent a security questionnaire for renewal. We answered it last year but some answers weren't accurate."
Misrepresentation on an insurance application can void your cover at claim time. CyberCraft corrects the record.
If your questionnaire comes from one of these sources, CyberCraft has completed it before — we know the control language, the evidence expected, and the common gaps.
ASD Cybersecurity Questionnaires
Government and defence supply chain
ISO 27001-Aligned Vendor Assessments
Enterprise and financial services
Essential Eight Maturity Questionnaires
Government and large enterprise
Cyber Insurance Applications
All major AU/NZ insurers
Bespoke Enterprise Questionnaires
Client-specific vendor security requirements
Completed questionnaire response
Accurate, defensible answers to every question. Where a control exists, it's claimed. Where it doesn't, the gap is documented — not misrepresented.
Supporting evidence pack
Documentation for each claim made in the response — policy references, configuration screenshots, process documentation. Submitted with the questionnaire where required.
Gap summary
A frank list of the controls that could not be claimed honestly, with the specific remediation required. You know exactly what to fix for the next questionnaire.
Reusable control library
A documented record of your security controls, structured for reuse. The next questionnaire from the same framework takes a fraction of the effort.
Client-Ready Security — Pricing Configurator
Questionnaire complexity determines the price. No lengthy scoping call required.
↳ JS configurator to be built. Inputs: framework type, question count (under 30 / 30–80 / over 80), existing docs. Rush surcharge: +30% for under 5 business days.