In This Guide
- The Essential Eight in plain English
- Monthly checklist (8 tasks)
- Quarterly checklist (5 tasks)
- Biannual checklist (4 tasks)
- Annual checklist (5 tasks)
- How tasks map to Essential Eight controls
- Brisbane storm-season specifics
- How a managed plan implements this
- Geeks Brisbane plan pricing
- Frequently asked questions
If you run a small to mid-sized business in Brisbane, you need a simple IT maintenance checklist you can trust. This guide lines up with the ACSC Essential Eight and local conditions. Use it to cut downtime, protect data, and plan your update schedule across the year.
Run a monthly, quarterly, biannual and annual rhythm aligned to ACSC Essential Eight. Monthly = patch, backup test, MFA, EDR, macro check. Quarterly = vuln scan, access review, network firmware. Biannual = DR test, warranty audit. Annual = re-baseline all 8 controls and target a higher maturity level. Premium $149/user managed plans run this end-to-end.
The Essential Eight in Plain English
The ACSC Essential Eight is the Australian baseline of mitigation strategies. There are three maturity levels (ML1 minimum, ML3 highest). Most SMEs target ML1. Regulated industries aim for ML2.
1. Patch applications within 14-30 days, faster for critical CVEs
2. Patch operating systems on the same cadence
3. MFA on email, VPN, admin portals, all internet-facing services
4. Restrict admin privileges via Just-In-Time / privileged access reviews
5. Application control to allow only approved executables
6. Restrict Microsoft Office macros via Group Policy or Intune
7. User application hardening (Java, ads, browser plugins)
8. Regular backups with tested restores
Brisbane businesses see heat, storms, and patchy internet. A clear list helps you avoid data loss, service drops, and surprise costs. It supports cyber insurance, meets client audits, and keeps staff working.
Monthly Checklist (8 Tasks)
Allow 1-3 hours. These are the non-negotiables every month:
- Patch management: Apply OS and app updates within 14-30 days. Fast-track critical patches within 48 hours.
- Backup testing: Restore files from last night and last week. Check offsite copies and retention.
- Endpoint monitoring: Review AV/EDR status, disk space, CPU temps, event logs.
- MFA & account checks: Spot-check MFA on email, VPN, RMM, admin portals. Review risky sign-ins.
- Application control: Confirm allow-lists active. Block common risky file types in email gateway.
- Macro settings: Confirm Office macro restrictions still in place via Group Policy/Intune.
- User reminders: 2-minute phishing tip in team chat. Friendly, not preachy.
- Update schedule: Note next patch window, reboot approvals, change requests.
Quarterly Checklist (5 Tasks)
Allow 2-6 hours. Best done on a quiet Friday:
- Vulnerability scanning: internal and external scans. Track highs to closure.
- Access reviews: remove leavers, reduce standing admin rights, rotate shared creds.
- Network checks: UPS tests, switch/router firmware, Wi-Fi coverage.
- Backup audit: review retention (30/90/365 days), test full VM/server restore.
- Security posture: check against ACSC Essential Eight maturity target.
Biannual Checklist (4 Tasks)
Two checkpoints — Sep/Oct (pre-summer) and Apr/May (post-wet):
- Disaster recovery test: time a real restore to alternate hardware or cloud. Capture RTO/RPO.
- Warranty & support audit: note expiring warranties, licences, domain/SSL renewals.
- Policy refresh: update incident response, staff onboarding/offboarding.
- Capacity & costs: storage growth, M365 usage, internet plan fit.
Annual Checklist (5 Tasks)
One full day, ideally August or February (away from EOFY chaos):
- Strategy & budget: align spend to risk. Replace end-of-life gear. Plan a 12-month roadmap.
- Asset lifecycle: audit all devices. Tag, record, schedule replacements (3-5 year cycles).
- Security controls: re-baseline Essential Eight settings. Target a higher maturity where it helps.
- Vendor & ISP review: check SLAs, backup platforms, RMM tools still fit.
- Training: staff refresher on phishing, MFA, data handling.
How Tasks Map to Essential Eight Controls
| Essential Eight Control | Cadence | Maps to Tasks |
|---|---|---|
| Patch applications | Monthly + 48hr criticals | Patch management, vuln scans |
| Patch operating systems | Monthly + 48hr criticals | Patch management, endpoint monitoring |
| MFA | Monthly + ad-hoc | MFA spot-checks, access reviews |
| Restrict admin privileges | Quarterly | Access reviews, JIT admin |
| Application control | Monthly review | Allow-list audit, AppLocker |
| Restrict Office macros | Monthly check | Macro settings audit |
| User app hardening | Annually + on update | Browser/Java/ad policy review |
| Regular backups | Monthly test, quarterly DR | Backup testing, DR drill |
Pro tip: Cyber insurers increasingly ask for evidence of all eight controls at renewal. Premium Geeks Brisbane managed plans ($149/user/month) include a monthly Essential Eight maturity report you can hand to your broker — no scrambling for evidence.
Brisbane Storm-Season Specifics
Heat & humidity
Summer heat raises server temps; fans clog with dust. Humidity in bayside areas (Wynnum, Manly, Cleveland) corrodes ports. Quarterly hardware checks catch these before they fail.
Storms & power dips
Storms cause short power dips in suburbs like The Gap, Rocklea and Logan. UPS batteries fail faster as a result. Two biannual checkpoints (pre-summer and post-wet) keep gear ready.
Flash flooding
Flash flooding can hit low-lying sites around Rocklea and Albion. Keep gear off floors, use waterproof boxes for cabling, have a remote workplace plan.
NBN quirks by suburb
CBD and Fortitude Valley older wiring can cause dropouts on FTTN/HFC. West End and Woolloongabba see shared-unit congestion. North Lakes and Springfield business parks often need 4G/5G failover for busy periods.
Watch out: Maturity Level claims without evidence are common. If a provider says "we're Essential Eight aligned" but can't show you a maturity score per control, ask for the report. Real ML1 evidence includes patch compliance percentages, MFA coverage logs and tested backup restores.
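The patch compliance percentage named above can be computed from an RMM or patch-tool export using the windows in the monthly checklist (48 hours for critical patches, 30 days as the outer limit otherwise). The Python below is an added example, not Geeks Brisbane's or the ACSC's code; the record fields, host names and patch names are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Windows from this guide's monthly checklist: critical patches within
# 48 hours, everything else within 30 days (outer end of "14-30 days").
CRITICAL_WINDOW = timedelta(hours=48)
STANDARD_WINDOW = timedelta(days=30)

def _d(month, day, hour=0):
    """Build a UTC timestamp in 2024 for the constructed sample data."""
    return datetime(2024, month, day, hour, tzinfo=timezone.utc)

# Constructed sample export (hypothetical hosts, patch names and field names).
# installed=None means the patch is still missing on that host.
NOW = _d(6, 15)
SAMPLE = [
    {"host": "pc-01", "patch": "os-2024-05", "critical": False, "released": _d(5, 14), "installed": _d(5, 20)},
    {"host": "pc-02", "patch": "os-2024-05", "critical": False, "released": _d(5, 14), "installed": _d(6, 14)},
    {"host": "srv-01", "patch": "browser-crit", "critical": True, "released": _d(6, 10), "installed": _d(6, 11, 12)},
    {"host": "pc-03", "patch": "browser-crit", "critical": True, "released": _d(6, 10), "installed": None},
    {"host": "pc-03", "patch": "os-2024-06", "critical": False, "released": _d(6, 11), "installed": None},
]

def patch_status(rec, now):
    """compliant = installed in time, late = installed after the deadline,
    overdue = missing past the deadline, pending = missing, window still open."""
    window = CRITICAL_WINDOW if rec["critical"] else STANDARD_WINDOW
    deadline = rec["released"] + window
    if rec["installed"] is not None:
        return "compliant" if rec["installed"] <= deadline else "late"
    return "pending" if now <= deadline else "overdue"

def compliance_report(records, now):
    """Count statuses and compute the share of due patches installed in time.
    Pending patches are left out of the denominator: their window is open."""
    counts = {"compliant": 0, "late": 0, "overdue": 0, "pending": 0}
    overdue = []
    for rec in records:
        status = patch_status(rec, now)
        counts[status] += 1
        if status == "overdue":
            overdue.append((rec["host"], rec["patch"]))
    due = counts["compliant"] + counts["late"] + counts["overdue"]
    pct = round(100 * counts["compliant"] / due, 1) if due else 100.0
    return {"counts": counts, "compliance_pct": pct, "overdue": sorted(overdue)}

if __name__ == "__main__":
    print(compliance_report(SAMPLE, NOW))
```

The `overdue` list is the part to act on first; the `late` count shows where the patch window was missed even though the fix eventually landed.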
How a Geeks Brisbane Managed Plan Implements This
- Audit: Free 30-min discovery. Score current state against ML1 controls.
- Plan: Quote with itemised inclusions, SLAs and 6-month roadmap to ML1.
- Implement: Deploy RMM, EDR, MFA, backup. Apply macro/app control policies.
- Monitor monthly: Run the checklist, send Essential Eight maturity report each month.
Geeks Brisbane Plan Pricing
| Plan | Essential Eight Coverage | Price |
|---|---|---|
| Standard Managed | Monthly patching, backup tests, EDR, MFA support, helpdesk | $99/user/mo |
| Premium Managed | Standard plus full ML1 alignment, vuln scans, quarterly DR test, monthly E8 report | $149/user/mo |
| 24/7 Coverage Add-On | After-hours alerts, on-call tech | From $199/mo |
| Annual Security Audit | Full Essential Eight maturity review, written gap report | Included (premium) |
| Onsite Visits | Hardware, network, complex changes across Brisbane | $205/hr |
| Remote Support | Helpdesk via secure screen-share | $125/hr |
| Free Discovery Call | 30-minute scoping, current ML score, indicative quote | Free |