Viewfinder logo

Sovereignty Readiness Assessment

Evaluate your knowledge on digital independence. This 7-domain assessment identifies your current knowledge on reliance and technical autonomy.

7 Critical Domains
Executive Oversight Technical Sovereignty Open Source Operational Sovereignty Data Sovereignty Managed Services Assurance Sovereignty
🏆 Leaderboard (Top 5)
By Score By Date
Test 2026-01-23 62%
🔒 Privacy Policy
Data processed locally
No results saved unless opted-in
Leaderboard stores Name & Score
Certificates are private

Executive Oversight

Digital Sovereignty is primarily a 'cost-saving' initiative. (Hint) Is the goal spending less money or having more control?
CEOs should worry about single-provider concentration. (Hint) What happens if your only provider has a major outage?
Sovereignty risk belongs on the Corporate Risk Register. (Hint) Is this a technical problem or a business continuity problem?

Technical Sovereignty

Using a 'Single-Pane-of-Glass' tool from a vendor reduces technical lock-in. (Hint) Does this tool make it easier or harder to leave the ecosystem?
Proprietary 'Serverless' functions are easily portable. (Hint) Do these functions exist outside of the provider's specific ecosystem?
Open standards can help reduce vendor lock-in. (Hint) Think about how easily you could move this data to another host.

Open Source

The ability to audit the source code is the primary sovereignty benefit of OSS. (Hint) Think about finding hidden 'backdoors'.
OSS can be 'forked' if a vendor disappears. (Hint) Can you take the code and run it yourself if the company dies?
OSS software is 100% secure by default. (Hint) Does having the code mean it was written perfectly?

Operational Sovereignty

Remote 'Emergency Access' by a vendor is acceptable in a sovereign environment. (Hint) Could this access be used without your supervision?
Local support staff are a requirement for many sovereign clouds. (Hint) Consider whose laws the actual human workers must follow.
Sovereignty exists even if a vendor can unilaterally cancel your account. (Hint) If someone else holds the kill-switch, do you have autonomy?

Data Sovereignty

Provider-managed keys guarantee 100% data sovereignty. (Hint) Who really holds the master key in this scenario?
Metadata (usage patterns, timestamps) is less sensitive than the data content itself. (Hint) Can someone reconstruct your behaviour just from timestamps?
A foreign cloud provider's home government can legally demand access to your data, even if it is stored locally. (Hint) Consider extraterritorial laws like the US CLOUD Act.

Managed Services

Managed services often obscure the 'Supply Chain' risk of underlying components. (Hint) Do you always know which 'sub-providers' your vendor uses?
Total outsourcing increases internal expertise. (Hint) If you pay others to do the work, do your staff learn how to do it?
Managed services can be used sovereignly. (Hint) Can a managed service be sovereign if the contract is right?

Assurance Sovereignty

Regular penetration testing by an independent firm is a form of assurance sovereignty. (Hint) Does this provide neutral evidence of security?
Third-party audits are more reliable than vendor claims. (Hint) Is it better to take their word or see independent proof?
You can verify integrity without source code access. (Hint) Can you be 100% sure what is 'under the bonnet' if you can't see it?