What You Need To Know


Defining the scope of your business can be difficult and is sometimes the hardest section of the Cyber Essentials Scheme to complete. With the information provided in this section we aim to make this as easy as possible for you and your business.
Before both of the Cyber Essentials Scheme’s can be tested for the business and certification must agree on the scope of the business before any of the testing may begin. This only has to be completed once as it will be the same for either of the Cyber Essential Schemes.

Key Points

What System's need to be Included in the Scope?
What Systems are not Included within the Scope?


The Scope is the mutually agreed boundary perimeter for examining the security posture of your IT infrastructure with the goal of certification. IT systems out-of-scope will not be tested for certification.
The Cyber Essentials Scheme covers the basics of cyber security in an organisation’s enterprise or corporate IT system. Implementation of these controls can significantly reduce the risk of common but unskilled cyber-attacks. For many organisations, Cyber Essentials will become a practical component of regular cyber security posture checks.


Source: https://www.cyberaware.gov.uk/cyberessentials/docs.html

To Top