Cyber Essentials Pre-checklist & Requirements

Ensure your business is protected from cyber attacks with our Cyber Essentials plans. At Forensic Control we offer simple step-by-step guidance to help companies achieve cyber essentials certification with the minimum of fuss. Most of our clients pass at the first attempt.

What areas does the Cyber Essentials questionnaire cover?

The questions will cover the following areas:

  • Boundary Firewalls

  • Secure Configuration

  • Access Control

  • Patch Management

  • Password-Based authentication

  • Anti-Malware Software

  • Whitelisting

  • Sandboxing

Cyber Essentials Pre-Checklist

Below are 10 points which if met would put you in a good position to ensure compliance with the Cyber Essentials standard. There are around 60 questions in total that need to be complied with, but meeting these 10 points would help a lot.


The 10 questions below can be used as a pre-Cyber Essentials checklist to gauge an organisation's readiness for the certification.

  1. Do you have a list of all the devices* which access your organisations's data? Does this include make, model and operating system version (eg., Windows 10 Version 1909, Mac OS 10.15.3)?

  2. Do you have a firewall between your network and the internet, and have you changed the password to something non-guessable since you received it?

  3. Do you allow users via the internet, such home based workers using a VPN, into your network? How do you protect this connection?

  4. Are all your devices protected by a unique user name and a non-guessable password of 8 characters or more?

  5. Have you removed all software on your devices that you don't use?

  6. Is all software and operating systems currently supported by the manufacturer and updated to the latest versions?

  7. Have you removed any user accounts which are no longer required?

  8. When  using email or the internet no one should ever be logged in with an Administrator account. How do you ensure this?

  9. Are all your devices (including Mac computers) protected by updated anti-malware**?

  10. How do you manage mobile devices (both company issued and staff-owned) to ensure that they don't have unauthorised apps installed and that they are using supported operating systems?


*this includes laptops, mobile phones, servers, tablet, desktops...

** anti-malware isn't available for iPhones/iPads

Do I have to provide evidence to support my application?

Yes, you do. All applications will need to be supplied with some form of evidence for your assessor. The majority of applications will include the following as evidence:

  • Password policy

  • IT policy

  • Network diagram

Further evidence may be required depending on your answers to the questions, but if you need more evidence our assessors will request this from you online.

How can I start cyber essentials?

We offer cyber essential plans that can help you achieve whichever certification level you wish to go for. The majority of our clients meet the requirements the first time.

View Cyber Essentials Plans


St Bride Foundation

14 Bride Lane




Free Tools

©2019 by Forensic Control  All Rights Reserved.      

This site uses cookies to enable certain functions. By using this site, you consent to the use of cookies.