AI-27001See Cyber Essentials workflow

Free Cyber Essentials readiness checker

Check your preparation gaps before you start the official Cyber Essentials path.

Answer 15 plain-English questions across the five Cyber Essentials control themes. The checker gives an immediate theme-level summary and the top preparation gaps to review with your team or adviser.

Readiness summaryPreparation guidance only

Boundaries

Use the result as a preparation prompt, not a certification answer.

Cyber Essentials requirements can change. Check current NCSC and IASME material, and use qualified advisers for official scheme questions, assessment, and certification decisions.

Checker boundary

The questions are paraphrased preparation prompts across the five Cyber Essentials control themes.

Checker boundary

The result is a planning aid for owners and evidence gaps, not certification advice or an official assessment.

Checker boundary

No name, email, company, or questionnaire answer is submitted by this phase of the checker.

Free readiness checker

Answer fifteen preparation questions and see useful gaps straight away.

Work through the five Cyber Essentials themes, change answers as you go, and use the immediate summary to decide what needs an owner, evidence, or adviser review.

This checker provides preparation guidance only. It is not certification advice, it is not an official assessment, and it cannot guarantee a Cyber Essentials or Cyber Essentials Plus outcome.

Progress

0 of 15 answered

Theme 1

Firewalls

Internet-facing boundaries and remote-access routes are known, owned, and reviewed.

Answer all three
Do you have a current list of the internet-facing services, cloud admin routes, and remote-access paths your organisation uses?

Preparation work is weaker when public entry points and remote routes are scattered across tools or suppliers.

Are firewall, router, and cloud access changes reviewed by a named owner before they stay in place?

A named review step reduces stale temporary openings and undocumented exceptions.

Can you show that inbound access is limited to business-needed services rather than broad open rules?

Preparation evidence should explain why an exposed service is needed and who owns it.

Product fit

Want to organise the gaps you found?

A walkthrough can show how AI-27001 links preparation questions to controls, owners, tasks, evidence, and review records. It still will not certify, assess, or guarantee a Cyber Essentials outcome.