- Virtual CIO
How to Create a Cybersecurity Budget That Works
18 Mar, 2026
Free Tool
Cyber Essentials Plus Readiness Assessment
Assess your organisation’s readiness for Cyber Essentials Plus certification across all five technical controls and get a prioritised action plan.
Your Technical Controls
Firewalls & Internet Gateways
Secure Configuration
User Access Control
Malware Protection
Patch Management
Cyber Essentials Plus — Five Technical Controls
| Control Area | What’s Assessed | Common Fail Points | CE+ Requirement Level |
|---|---|---|---|
| Firewalls & Internet Gateways | Boundary firewalls, rules, default deny | Open ports, default rules | All rules documented and justified |
| Secure Configuration | Default passwords, unnecessary services | Factory defaults, bloatware | CIS benchmarked or equivalent |
| User Access Control | Admin privileges, user accounts | Shared accounts, no MFA | Individual accounts, MFA, least privilege |
| Malware Protection | Antivirus, endpoint protection | Outdated signatures, no EDR | Real-time protection, current signatures |
| Patch Management | OS updates, third-party apps, EOL | Delayed patches, EOL software | Critical patches within 14 days, no EOL |
Based on the NCSC Cyber Essentials scheme requirements. This tool is for guidance only and does not replace an official certification assessment. Contact Cloudswitched to start your Cyber Essentials Plus certification journey.
More Free Tools
Try our other free security assessments and IT planning tools.