Questionnaire Part 1 Your Organisation
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025.
Your Organisation
This section is used to identify the organisation we are assessing.
Please answer all of the questions in this section—missed questions will delay the assessment.
Please note that the answer for A1.1 will be the name that is printed on the certificate. Please check this is correct before submitting the assessment.
A1.1 Organisation Name
What is your organisation's name?
Where an organisation wishes to certify subsidiary companies on the same certificate, the organisation can certify as a group and can include the subsidiaries' name on the certificate as long as the board member signing off the certificate has authority over all certified organisations. For example: The Stationery Group, incorporating The Paper Mill and The Pen House
It is also possible to list on a certificate where organisations are trading as other names. For example: The Paper Mill trading as The Pen House.
The answer provided to A1.1 is the name that will be displayed on your certificate and has a character limit of 150 including spaces.
A1.2 Organisation Type
What type of organisation are you?
“LTD” – Limited Company (Ltd or PLC)
“LLP” – Limited Liability Partnership (LLP)
“CIC” – Community Interest Company (CIC)
“COP” – Cooperative
“MTL” – Other Registered Mutual (Community Benefit Society, Credit Union, Building Society, Friendly Society)
“CHA” – Registered Charity
“GOV” – Government Agency or Public Body
“SOL” – Sole Trader
“PRT” – Other Partnership
“SOC” – Other Club/ Society
“OTH” – Other Organisation
Use the dropdown menu to select your answer.
A1.3 Organisation Number
What is your organisation's registration number?
If you are applying for certification for more than one registered company, please still enter only one organisation number. If you have answered A1.2 with Government Agency, Sole Trader, Other Partnership, Other Club/Society or Other Organisation please enter "none".
If you are registered in a country that does not issue a company number, please enter a unique identifier like a DUNS number.
Please enter the registered number only with no spaces or other punctuation. Letters (a-z) are allowed, but you need at least one digit (0-9). There is a 20 character limit for your answer.
A1.4 Organisation Address
What is your organisation's address?
Please provide the legal registered address for your organisation.
Please ensure you fill out both the 'Answer' and 'Country' cells, even if the content is identical.
A1.5 Organisation Occupation
What is your main business?
Please summarise the main occupation of your organisation.
Use the dropdown menu and provide Applicant Notes if necessary.
A1.6 Website Address
What is your website address?
Please provide your website address (if you have one). This can be a Facebook/LinkedIn page if you prefer.
A1.7 Renewal or First Time Application
Is this application a renewal of an existing certification or is it the first time you have applied for certification?
If you have previously achieved Cyber Essentials, please select "Renewal". If you have not previously achieved Cyber Essentials, please select "New Application".
A1.8 Reason for Certification
What are the two main reasons for applying for certification?
Please let us know the two main reasons why you are applying for certification. If there are multiple reasons, please select the two that are most important to you. This helps us to understand how people are using our certifications.
Please ensure you choose two reasons; if you choose only one, we will be required to request further information upon submission.
Your answers here may trigger additional questions; for example if you have said there is a requirement by a grant authority, this will trigger A1.8.3 where you will be asked for the grant authority's name.
A1.9 CE Requirements Document
Have you read the 'Cyber Essentials Requirements for IT Infrastructure' document?
This document is available on the NCSC Cyber Essentials website and should be read before completing this question set.
This question requires a yes or no answer. You do not need to add Applicant Notes to be compliant.
A1.10 Cyber Breach
Can IASME and their expert partners contact you if you experience a cyber breach?
We would like feedback on how well the controls are protecting organisations. If you agree to this then please email security@iasme.co.uk if you do experience a cyber breach. IASME and expert partners will then contact you to find out a little more but all information will be kept confidential.
This question requires a yes or no answer. You do not need to add Applicant Notes to be compliant.
A1.11 Contact Permission
Can IASME contact you for research purposes?
Both IASME and the UK government occasionally need to ask questions about the process and/or benefits of the Cyber Essentials scheme for research purposes. If you agree to this we will contact you via the email address you registered with, you are free to not respond if we do contact you.
This question requires a yes or no answer. You do not need to add Applicant Notes to be compliant.
Related Articles
Questionnaire Part 3 Insurance
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025. Insurance When a UK-domiciled ...Questionnaire Part 7 Access Control
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025. Access Control (User Access Control) ...Questionnaire Part 6 Secure Business Operations (Security Update Management)
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025. Security Update Management A6.1 ...Questionnaire Part 5 Secure Business Operations (Secure Configuration)
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025. Secure Business Operations (Secure ...Questionnaire Part 8 Malware Protection
This guide reflects the Willow question set, introduced in April 2025. Applications using the Montpellier question set will differ in some areas; these applications may still be completed before 28th October 2025. Malware Protection A8.1 Malware ...