Skip to main content

BetaThis is a working tool to help organisations prepare for Cyber Essentials certification. Your responses are stored in this browser only — nothing is sent to a server. Give feedback on GitHub.

Cyber Essentials Readiness Tool

Not an official assessment. This tool helps you prepare for Cyber Essentials certification. Official certification must be obtained through an IASME-accredited Certification Body.

Work through the five Cyber Essentials control areas at your own pace. See where your organisation is ready and where remediation is needed before you apply for certification.

Your answers are saved in your browser — you can close the page and return to resume later. No account required, nothing is sent to a server.

Start assessment

5 control areas

29 questions total

The five control areas

1Firewalls

Boundary and host-based firewalls prevent unauthorised access to or from your network and devices.

2Secure Configuration

Computers and network devices should be configured securely to reduce vulnerabilities.

3User Access Control

User accounts — especially privileged accounts — must be controlled carefully.

4Malware Protection

Malware protection prevents malicious software from executing on your devices.

5Patch Management

Keeping software and firmware up to date is one of the most effective ways to protect against known vulnerabilities.

About this tool

This is a free, open-source readiness tool. It is not affiliated with or endorsed by NCSC, IASME, or DSIT. Question content is based on NCSC Cyber Essentials technical requirements published under the Open Government Licence v3.0.

“Cyber Essentials” is a registered trademark of DSIT. Use of this term is descriptive only and does not imply endorsement.

View source code on GitHub