Is Your Organization Ready? Assessment Quiz - CertMS

Is Your Organization Ready?

Assessment quiz to determine if your organization is ready for the CA/B Forum changes starting March 2026

1. How many SSL/TLS certificates does your organization currently manage?

We don\'t know / Haven\'t counted Less than 50 50-200 200-1,000 1,000+

2. How do you currently track certificate expiration dates?

We don\'t actively track them Manual spreadsheet or calendar reminders Basic monitoring tool (email alerts only) Dedicated certificate management platform Automated discovery + monitoring + renewal

3. Have you experienced a certificate-related outage or service disruption in the past 24 months?

Yes, multiple times Yes, once No, but we\'ve had close calls No, and we have proactive monitoring

4. What percentage of your certificates are currently auto-renewed using ACME or similar protocols?

0% – Everything is manual 1-25% – Mostly manual with some automation 26-50% – Working toward automation 51-75% – Majority automated 76-100% – Fully automated

5. When was the last time you conducted a comprehensive certificate discovery audit across your infrastructure?

Never / Don\'t know More than 12 months ago Within the last 6-12 months Within the last 3-6 months Continuous/automated discovery

6. Do you manage certificates for air-gapped systems, legacy applications, or OT/ICS environments?

Yes, and we renew them manually Yes, with semi-automated processes No air-gapped systems Yes, with documented automation workflows

7. How many full-time employees (or FTE equivalent) currently manage certificate lifecycle tasks?

<0.5 FTE – It\'s someone\'s side task 0.5-1 FTE 1-2 FTE 2+ FTE Fully automated – minimal human intervention

8. Do you have documented procedures for certificate renewal tied to specific certificates or systems?

No documentation exists Some informal notes or tribal knowledge Basic documentation, but not always followed Comprehensive documentation, regularly updated Documentation integrated with automation workflows

9. How do you currently handle compliance reporting for certificate audits (SOC 2, PCI-DSS, HIPAA, etc.)?

Manual reports compiled during audit season Quarterly manual reports Monthly automated reports Real-time dashboards + on-demand reports

10. Which of these deadlines are you aware of and planning for?

Not aware of any upcoming changes Heard about changes, no plan yet Aware of March 2026 (200-day limit) Aware of all phases through 2029 Actively implementing automation before March 2026

Your Information

Name