Is there a Cyber Essentials checklist?

The following checklist applies to both Cyber Essentials and Cyber Essentials Plus requirements, the difference being that with the latter a technical expert conducts a vulnerability scan and remote audit of your IT systems, including a representative set of user devices, all Internet gateways and all servers with services accessible to unauthenticated Internet users.

The questions that will need to be answered include:

  • Are all of your operating systems supported including phones, tablets, servers, workstations etc…?
  • Have all the security patches been applied to the operating systems?
  • Is your Office suite up to date? Is your anti-malware up to date?
  • Are your browsers up to date with security patches?
  • Have you disabled auto-run?
  • Have you disabled remote scripts from being run?
  • Are all of your applications up to date with security patches?
  • Are all the applications used in the organisation supported?
Cyber security has never been higher on our agenda. We’re very pleased to have gained our Cyber Essentials Plus Certification. We are committed to providing the most secure and robust solutions to our customers and partners. This certification helps to demonstrate this commitment – through independent vulnerability testing and to test the awareness of information security across our teams. We’re very pleased with the support and expertise provided by URM.
Speech recognition software provider
Apply for Cyber Essentials certificationApply for Cyber Essentials Plus

Cyber Essentials Questions Answered: Technical Requirements, BYOD Compliance and the Future of the Scheme

Published on
5 Jun
2026

URM’s blog answers key questions about CE, focusing specifically on its technical requirements, use of BYOD, and how the scheme may change in the future.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
5/6/2026
Complying with Cyber Essentials and Cyber Essentials Plus

URM’s blog answers key technical questions about Cyber Essentials and Cyber Essentials Plus, what’s in scope, CE compliant use of BYOD, and more.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
5/6/2026
Cyber Essentials – What’s Changing in 2025?

URM’s blog discusses upcoming changes to Cyber Essentials, including the changes seen in the Willow Question Set and how they may impact your organisation.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
5/6/2026
Access Control, Administrative Accounts and Password-Based Authentication in the Cyber Essentials SAQ

URM’s blog offers advice on answering questions in the Cyber Essentials SAQ which relate to access control, admin accounts and authentication methods.

Read more
"
We are extremely grateful for the outstanding support the URM Team provided throughout our Cyber Essentials and Cyber Essentials Plus journey. Their professionalism, technical expertise, and pragmatic guidance were key to our successful certification. We would like to call out a personal thanks to our assessor, who was particularly impressive throughout. From the initial assessment through remediation and validation, he demonstrated clear expertise, practical recommendations, and strong communication. This, coupled with his thoroughness, responsiveness, and collaborative approach, made the process efficient for our whole team.
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.