Facebook X-twitter Linkedin
Call Us: 301.541.3237
blacksmith infosec compliance service caas

Free, Open Source Risk Assessment Tool for MSPs and vCISOs

Share Article:

Table of Contents:

We Just Released a Free Risk Assessment Tool!

We’ve been talking with a lot of our partners lately, and a couple of things keep coming up: risk assessments and sales enablement. MSPs want a simple tool to evaluate client risk and show value early in the conversation without getting buried in complexity or licensing costs.

So, we decided to build one.

We’re excited to introduce Blacksmith’s free, open source risk assessment tool — a quick, 20-question checklist designed to help MSPs run high-quality cybersecurity assessments that look professional and deliver results.

 

What It Does

Our tool runs through twenty focused questions that cover key areas of risk, giving you structured insights that make it easier to discuss next steps with clients. You can also run an external domain scan to get a clearer view of what’s exposed on the internet. When you’re done, you get a clean, client-ready report in Word or PDF format.

Risk Questionnaire
risk assessment tool

DNS Scan

free msp risk scan

High-Quality Visualization

free MSP risk

 

The best part? It’s open source and released under the Apache 2 license. That means you can use it in commercial projects, customize it for your environment, or even build your own modules on top of it.

Where to Find It

You can check out the source code on GitHub at https://github.com/blacksmith-infosec/risk-assessments.

Or, if you want to jump straight in, try the live version at https://assess.blacksmithinfosec.com/.

Why We Built It

We wanted to give MSPs an accessible way to start real security conversations with clients. Sometimes all it takes is a quick, visual overview of where a business stands to open up those deeper discussions about security programs, compliance, and managed services.

This release is just the beginning. We’d love your feedback, suggestions, and contributions. Whether you find a bug, have an idea for a new feature, or want to tweak the question set, we’d be thrilled to see what you come up with.

Come play with it, test it out, and let us know what you think.

We built this for the MSP community — and with your help, it’ll keep getting better!

Additional Articles
MSP compliance coaching and guidance
MSP as Compliance Coach: Educating Clients to Prevent Regulatory Mistakes Before They Happen
Read More
msp risk assessment tool free open source
Free, Open Source Risk Assessment Tool for MSPs and vCISOs
Read More
compliance culture in business MSP IT
It Takes More Than Policies — Building a Resilient Compliance Culture
Read More

Check Out Our Compliance Podcast on Spotify!

Get NIST-y!