PGPKS QUESTIONNAIRES

LIST OF QUESTIONNAIRES

Instructions to SME:

This questionnaire should be answered by:
- PART 1 – preferably by owner or company’s HR or administrator
- PART 2 – preferably by owner or company’s administrator with the assistance of company’s IT technical or IT administrator who oversees the company’s IT facilities and infrastructure
Kindly answer all the questions as precise as possible and finish all the questions.
In case of any inquiry to the questions, kindly drop a call at 03-80087183 / +6010-8674399 or email at pgpks@cybersecurity.my
Thank you very much for your kind cooperation.

PART 1A: SME DEFINITION - DEMOGRAPHIC

Company Full Name*

Please type your full company name.

Company Address*

Please type your company address

Postcode*

Please Specify

City*

Please Specify

State*

Invalid Input

Contact Person*

Please type your full name

Mobile No*

Not a valid phone number

E-mail*

Invalid email address

Geography - The location of majority of people who use your company's IT facilities for business operations*

Invalid Input

In which sectors does your company mainly involved?*

Invalid Input

Could you give in detail the subsectors of the business? (click HERE to see the list in the appendix)*

Please Specify

In which Government Agencies does the company has mainly attached to

Invalid Input

Please Specify

Example: Social Media: Facebook, Instagram Authorised Partner: Company ABC Events: CyberDSA 2023

PART 1B: SME DEFINITION - PROCESS

Note:

‘Full time’ describes the permanent and contract employee, work at least 8 hours a day for 5 days a week.
‘Non full-time’ means those who work part-time,or on hourly basis or freelancer.

Note:

‘Full time’ describes the permanent and contract employee, work at least 8 hours a day for 5 days a week.
‘Non full-time’ means those who work part-time,or on hourly basis or freelancer.

3. How many of employee, Full-time and free lancers who have access to the company’s IT facilities and use them on daily operation*

4. What is your yearly turnover average, in the last 3 years? (RM)*

Please Specify

5. How much does the company spent and invest in ICT for the past 5 years? *

6. In relation to question above, in which area does your company spent and invest in ICT for the past 5 years? *

No investment in ICTIT infrastructureGadget and workstationSoftware & Application DevelopmentProfessional ServicesSupport & MaintenanceLicenses Invalid Input

(Can be in multiple selection)

7. What is the company paid up capital?*

PART 2A: TECHNICAL REQUIREMENT -TECHNOLOGY

8. Any plan to upgrade the company’s ICT in 3 years from now?*

Yes

No

Invalid Input

9. In which area does the company is planning to upgrade its ICT in 3 years from now?*

No investment in ICT for the next 3 yearsIT infrastructureSoftware & Application DevelopmentSupport & MaintenanceLicenses Invalid Input

(Can be in multiple selection)

10. In what aspect do you know the importance of the cybersecurity the most?*

Protects system against viruses, worms, spyware and other unwanted programs.Protection against data from theft.Protects the computer from being hacked.Minimizes computer freezing and crashes.Gives privacy to users Invalid Input

11. Do you have physical infra, could you list down the main components used in your company?*

0/500

Invalid Input

12. To join PGPKS, the company need to expose their internal IPs / network to CYBERSECURITY MALAYSIA or its associate. Are you willing to expose your network for the VAPT / CMERP purposes?*

Yes

No

Invalid Input

Note:

CYBERSECURITY MALAYSIA will have a very tight policy / NDA hence do not worry on the information leakage.

13. How many in the company is connected to the company's internet, ICT device inclusive their own device for company's daily operation and personal use? (Average per day)*

Please Specify

14. Have your company encounter any cyber threat before such as wire transfer fraud or ransomware?*

Yes

No

Invalid Input

15. Are your information security and business priorities aligned?*

Yes

No

Invalid Input

16. Are you aware on the importance of cyber security in your business?*

17. Do you feel that it is important to have cybersecurity in your business?*

18. Investing in cyber security for your company is expensive but crucial to the company*

19. Allocating a yearly budget for cyber security as part of ICT maintenance is critical for the organisation as part of its regular expenses.*

20. Investing in cybersecurity for your company is a waste of time and money*

21. How do you envision your company's automation system in 5 years?*

Fully automation, full online operation processes and full online transactionPartial automation, partial online operation processes and Partial online transactionsNo online automation with minimum online operation processes but fully online transactionsHalf of the invoicing process is done manually, with only half of the transactions taking place onlineOnly manual process and manual invoicing process Invalid Input

22. From 1 to 5, how would you rate your company's cyber security, including processes, infrastructure/software, and human readiness?*

Note:

5 would be the highest and 1 would be the lowest

23. How important do you believe cyber security in your company’s day-to-day operations?*

Note:

5 would be the highest and 1 would be the lowest

LEVEL 2B: TECHNICAL REQUIREMENT - PEOPLE

24. Do you have a dedicated IT officer or someone who acts as an IT officer in your organisation? Is he/she easily accessible?*

Yes

No

Invalid Input

25. Do you rely on the IT vendor for ICT services in your company's day-to-day operations? For instance, to backup, shut down the server, configure the system, and so on.*

Yes

No

Invalid Input

26. If the abovementioned question is answered 'Yes', would you be able to ensure that the vendor is available for the PGPKS exercise in a timely manner (within a week)?*

Yes

No

Invalid Input

27. Are you currently involve in any Cyber Security campaign run by other agencies (MDEC, SME Corp, MITI, etc)

Invalid Input

Please Specify

28. In your view and experience, do you believe CyberSecurity Malaysia is capable of assisting you in managing your company's cyber security?*

Yes

No

Invalid Input

29. Does anyone in the company has certification or expertise in Information Security and Risk Management?*

Yes

No

Invalid Input

30. Can you detect any attempted or successful cyber security incident, brute force assault, or data breach performed against your company?*

Yes

No

Invalid Input

31. Are the employees in the company being appropriately trained on cybersecurity, especially those who use the company’s IT facility on daily basis?*

Yes

No

Invalid Input

PGPKS Form

PART 1A: SME DEFINITION - DEMOGRAPHIC

PART 1B: SME DEFINITION - PROCESS

PART 2A: TECHNICAL REQUIREMENT -TECHNOLOGY

LEVEL 2B: TECHNICAL REQUIREMENT - PEOPLE