The Readiness Standard

Security readiness you can understand, maintain, and explain.

Index8 is built around a simple standard: every score should lead to a useful next step, and every recommendation should connect to something your team can review, update, or share.

Six principles

The Standard, made practical.

Every score, recommendation, and report follows the same six principles.

Security readiness over guesswork

Index8 turns simple answers into a score, checklist, policy plan, evidence plan, and report.

Evidence over empty claims

Recommendations connect to controls, policies, training records, or evidence items.

Preparation over promises

Index8 helps organize readiness work before renewals, client reviews, and internal planning become urgent.

Clear over complicated

Owners and operators should understand what matters without learning enterprise security language.

Guidance with good judgment

Index8 gives your team clear readiness guidance and helps you know when a decision belongs with a qualified professional.

A system your team can maintain

Readiness should not depend on one person's memory, inbox, or screenshots.

How this helps your team

A clearer way to manage security readiness work.

Know what is in place

One score and four pillars give your team a shared picture of where readiness stands today.

See what needs attention

The next action card surfaces the one item that will move your score most.

Create policies your team can use

Editable templates for AI usage, passwords, vendor access, and incident response.

Keep evidence organized

Screenshots, records, and acknowledgments live with the control they support.

Share a clearer report

A review-ready summary you can hand to a broker, client, advisor, or internal leader.

Come back each quarter

Review prompts keep policies and evidence current before the next conversation lands.

What the Standard covers

Four pillars, ten categories, twenty-six controls.

Every security readiness question, every policy template, every evidence type maps to a control in the library.

The four pillars are people and training, systems and access, policies and documentation, and response and recovery. Each pillar carries two or three categories, and each category carries three to five controls. Every control names what counts as supporting evidence, how often it should be reviewed, and how strongly it weights the score.

Start here

Put the standard to work.

Create your account and we will guide your team through the Readiness Standard. The security readiness check is free if you want to see where you stand first.

Run a security readiness check
See how the score works