Viewfinder logo

Sovereignty Readiness Assessment

Evaluate your knowledge on digital independence. This 7-domain assessment identifies your current knowledge on reliance and technical autonomy.

7 Critical Domains
Managed Services Operational Sovereignty Executive Oversight Data Sovereignty Open Source Assurance Sovereignty Technical Sovereignty
🏆 Leaderboard (Top 5)
By Score By Date
Test 2026-01-23 62%
🔒 Privacy Policy
Data processed locally
No results saved unless opted-in
Leaderboard stores Name & Score
Certificates are private

Managed Services

Total outsourcing increases internal expertise. (Hint) If you pay others to do the work, do your staff learn how to do it?
Managed services can be used sovereignly. (Hint) Can a managed service be sovereign if the contract is right?
Managed services often obscure the 'Supply Chain' risk of underlying components. (Hint) Do you always know which 'sub-providers' your vendor uses?

Operational Sovereignty

Sovereignty exists even if a vendor can unilaterally cancel your account. (Hint) If someone else holds the kill-switch, do you have autonomy?
Remote 'Emergency Access' by a vendor is acceptable in a sovereign environment. (Hint) Could this access be used without your supervision?
Local support staff are a requirement for many sovereign clouds. (Hint) Consider whose laws the actual human workers must follow.

Executive Oversight

Digital Sovereignty is primarily a 'cost-saving' initiative. (Hint) Is the goal spending less money or having more control?
Sovereignty risk belongs on the Corporate Risk Register. (Hint) Is this a technical problem or a business continuity problem?
CEOs should worry about single-provider concentration. (Hint) What happens if your only provider has a major outage?

Data Sovereignty

Provider-managed keys guarantee 100% data sovereignty. (Hint) Who really holds the master key in this scenario?
A foreign cloud provider's home government can legally demand access to your data, even if it is stored locally. (Hint) Consider extraterritorial laws like the US CLOUD Act.
Metadata (usage patterns, timestamps) is less sensitive than the data content itself. (Hint) Can someone reconstruct your behaviour just from timestamps?

Open Source

OSS software is 100% secure by default. (Hint) Does having the code mean it was written perfectly?
The ability to audit the source code is the primary sovereignty benefit of OSS. (Hint) Think about finding hidden 'backdoors'.
OSS can be 'forked' if a vendor disappears. (Hint) Can you take the code and run it yourself if the company dies?

Assurance Sovereignty

You can verify integrity without source code access. (Hint) Can you be 100% sure what is 'under the bonnet' if you can't see it?
Regular penetration testing by an independent firm is a form of assurance sovereignty. (Hint) Does this provide neutral evidence of security?
Third-party audits are more reliable than vendor claims. (Hint) Is it better to take their word or see independent proof?

Technical Sovereignty

Open standards can help reduce vendor lock-in. (Hint) Think about how easily you could move this data to another host.
Using a 'Single-Pane-of-Glass' tool from a vendor reduces technical lock-in. (Hint) Does this tool make it easier or harder to leave the ecosystem?
Proprietary 'Serverless' functions are easily portable. (Hint) Do these functions exist outside of the provider's specific ecosystem?