Questionnaire Part 1 Your Organisation
Your Organisation
This section is used to identify the organisation we are assessing.
Please answer all of the questions in this section—missed questions will delay the assessment.
Please note that the answer for A1.1 will be the name that is printed on the certificate. Please check this is correct before submitting the assessment.
A1.1 Organisation Name
What is your organisation's name (for companies: as registered with Companies House)?
Please provide the full registered name for the company being certified. If you are certifying the local entity of a multinational company, provide the name of the local entity as per Companies House registration.
Certification should cover one organisation. There are occasions when a certificate can be issued to more than one company; this will be determined by the IT infrastructure. An example would be where all the companies within a company group share the same IT infrastructure.
If a client requires certification for a company that has more than one subsidiary registered with Companies House under different names and registration numbers, they can all be entered within one certificate as long as they share the same network boundary. For example: The Stationery Group, incorporating subsidiaries The Paper Mill and The Pen House.
Adding a trading name to the certification: If an organisation operates under a different trading name to the registered company name, this may also be entered. For example: <Registered Company Name> trading as <Name>.
The answer provided to A1.1 will be used to generate the CE certificate.
A1.2 Organisation Type
What type of organisation are you?
Use the dropdown menu to select your answer.
A1.3 Organisation Number
What is your organisation's registration number (if you have one)?
If you are a UK limited company, your registration number will be provided by Companies House. In the Republic of Ireland, this will be provided by Companies Registration Office. Charities, partnerships, and other organisations should provide their registration number if applicable.
If a client is applying for certification for more than one registered company, just one registration number can be entered to represent the entire group.
If a client is applying for certification for more than one registered company, just one registration number can be entered to represent the entire group.
A1.4 Organisation Address
What is your organisation's address (for companies: as registered with Companies House)?
Please provide the legal registered address for your organisation, if different from the main operating location.
Please ensure you fill out both the 'Answer' and 'Country' cells, even if the content is identical.
A1.5 Organisation Occupation
What is your main business?
Please summarise the main occupation of your organisation.
Use the dropdown menu and provide Applicant Notes if necessary.
A1.6 Website Address
What is your website address?
Please provide your website address (if you have one). This can be a Facebook/LinkedIn page if you prefer.
A1.7 Home Workers
How many staff are home workers?
Any employee contracted or legally required to work at home for any period of time at the time of the assessment needs to be classed as working from home for Cyber Essentials.
The definition of a home worker is any person that works from home or away from the office for any amount of time.
You should answer this question with a number (not "N/A"). If you answer this question with 0 and no extra information is added, the assessor will contact you to confirm this. Please add a description to confirm that there are no home workers.
A1.8 Renewal or First Time Application
Is this application a renewal of an existing certification or is it the first time you have applied for certification?
The Cyber Essentials certification requires annual renewal. If you have previously achieved Cyber Essentials, please select "Renewal". If you have not previously achieved Cyber Essentials, please select "New Application".
A1.9 Reason for Certification
What is your main reason for applying for certification?
Please let us know the main reason why you are applying for certification. If there are multiple reasons, please select the one that is most important to you. This helps us to understand how people are using our certifications.
(If your reason for certifying is for a government contract, please provide the contract or framework name. This information is helpful to IASME but you are not required to provide it.)
(If your reason for certifying is for a government contract, please provide the contract or framework name. This information is helpful to IASME but you are not required to provide it.)
A1.10 CE Requirements Document
Have you read the 'Cyber Essentials Requirements for IT Infrastructure' document?
This document is available on the NCSC Cyber Essentials website and should be read before completing this question set.
This question requires a yes or no answer. You do not need to add Applicant Notes to be compliant.
Related Articles
Questionnaire Part 3 Insurance
Insurance When a UK-domiciled organisation with a turnover under £20m achieves self-assessed certification covering their whole organisation to either the basic level of Cyber Essentials or the IASME Standard, they are entitled to Cyber Liability ...Questionnaire Part 2 Scope of Assessment
Scope of Assessment This section is used to define the scope of the assessment. You must answer all of the questions in this section. Any unanswered questions will delay the assessment. Please read all the help text, as it is important that you ...Questionnaire Part 6 Secure Business Operations (Security Update Management)
Secure Business Operations (Security Update Management) A6.1 Supported Operating System Are all operating systems and firmware on your devices supported by a vendor that produces regular security updates? Older operating systems that are out of ...Questionnaire Part 5 Secure Business Operations (Secure Configuration)
Secure Business Operations (Secure Configuration) A5.1 Removed Unused Software Where you are able to do so, have you removed or disabled all the software that you do not use on your laptops, desktop computers, thin clients, servers, tablets, mobile ...Questionnaire Part 7 Access Control
Access Control (User Access Control) A7.1 User Account Creation Are users only provided with user accounts after a process has been followed to approve their creation? Describe the process. You must ensure that user accounts (such as logins to ...