Viewfinder logo

Sovereignty Readiness Assessment

Evaluate your knowledge on digital independence. This 7-domain assessment identifies your current knowledge on reliance and technical autonomy.

7 Critical Domains
Managed Services Assurance Sovereignty Open Source Data Sovereignty Operational Sovereignty Technical Sovereignty Executive Oversight
🏆 Leaderboard (Top 5)
By Score By Date
Test 2026-01-23 62%
🔒 Privacy Policy
Data processed locally
No results saved unless opted-in
Leaderboard stores Name & Score
Certificates are private

Managed Services

Managed services can be used sovereignly. (Hint) Can a managed service be sovereign if the contract is right?
Total outsourcing increases internal expertise. (Hint) If you pay others to do the work, do your staff learn how to do it?
Managed services often obscure the 'Supply Chain' risk of underlying components. (Hint) Do you always know which 'sub-providers' your vendor uses?

Assurance Sovereignty

Regular penetration testing by an independent firm is a form of assurance sovereignty. (Hint) Does this provide neutral evidence of security?
You can verify integrity without source code access. (Hint) Can you be 100% sure what is 'under the bonnet' if you can't see it?
Third-party audits are more reliable than vendor claims. (Hint) Is it better to take their word or see independent proof?

Open Source

OSS can be 'forked' if a vendor disappears. (Hint) Can you take the code and run it yourself if the company dies?
The ability to audit the source code is the primary sovereignty benefit of OSS. (Hint) Think about finding hidden 'backdoors'.
OSS software is 100% secure by default. (Hint) Does having the code mean it was written perfectly?

Data Sovereignty

Metadata (usage patterns, timestamps) is less sensitive than the data content itself. (Hint) Can someone reconstruct your behaviour just from timestamps?
A foreign cloud provider's home government can legally demand access to your data, even if it is stored locally. (Hint) Consider extraterritorial laws like the US CLOUD Act.
Provider-managed keys guarantee 100% data sovereignty. (Hint) Who really holds the master key in this scenario?

Operational Sovereignty

Local support staff are a requirement for many sovereign clouds. (Hint) Consider whose laws the actual human workers must follow.
Sovereignty exists even if a vendor can unilaterally cancel your account. (Hint) If someone else holds the kill-switch, do you have autonomy?
Remote 'Emergency Access' by a vendor is acceptable in a sovereign environment. (Hint) Could this access be used without your supervision?

Technical Sovereignty

Proprietary 'Serverless' functions are easily portable. (Hint) Do these functions exist outside of the provider's specific ecosystem?
Using a 'Single-Pane-of-Glass' tool from a vendor reduces technical lock-in. (Hint) Does this tool make it easier or harder to leave the ecosystem?
Open standards can help reduce vendor lock-in. (Hint) Think about how easily you could move this data to another host.

Executive Oversight

Digital Sovereignty is primarily a 'cost-saving' initiative. (Hint) Is the goal spending less money or having more control?
Sovereignty risk belongs on the Corporate Risk Register. (Hint) Is this a technical problem or a business continuity problem?
CEOs should worry about single-provider concentration. (Hint) What happens if your only provider has a major outage?