Get in touch

Get in touch

  • This field is for validation purposes and should be left unchanged.

Privacy Notice

X

When you submit an enquiry via our website, we use the personal data you supply to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your enquiry in order to follow up on your interest and ensure that we have answered your it to your satisfaction. We will do this based on our legitimate interest in providing accurate information prior to a sale. Your enquiry is stored and processed as an email which is hosted by Microsoft within the European Economic Area (EEA). We keep enquiry emails for two years, after which they are securely archived and kept for seven years, when we delete them.

Reveal Menu
Home Blog Cyber Essentials Toolkit Updated

Cyber Essentials Toolkit Updated

As you may have heard, the National Cyber Security Centre (NCSC), together with its partner IASME, has updated the requirements for the Cyber Essentials scheme as of 24 April 2023. We previously wrote a blog about the April 2023 Cyber Essentials changes and we have now published an updated Cyber Essentials toolkit that reflects these amendments.

Cyber Essentials Updated Icon in a circle on top of cyber essentials toolkit graphic

A summary of the toolkit changes

Many of the changes within the toolkit are to reflect the new order and wording of the controls themselves, so that the toolkit matches the guidance document published by NCSC (which is also now included in the toolkit). Some terms such as “allow-listing” have also been updated to align with current usage.

A number of policy documents have been revised to cover the new requirements, such as the Network Security Policy, Software Policy and Patch Management Policy.

We have also added some new documents to the set, to cover areas receiving increased attention within the Cyber Essentials scheme. These are:

  • Configuration Management Policy
  • Asset Management Policy
  • Cloud Services Questionnaire
  • Threat Intelligence Policy

Together these changes reflect the focus of the scheme on incorporating cloud services, increased use of multi-factor authentication (MFA) and a clear understanding of the assets of the organisation.

As a certified organisation ourselves, we are seeing a stricter interpretation of the requirements, with reviewers sometimes requesting the provision of evidence that controls are in place, so the use of good quality documentation is even more important than ever.

You can find a full list of the new Cyber Essentials Toolkit documents on our website, including what’s included in the toolkit package and details for purchase.

 

More Cyber Essentials Resources

CertiKit is a provider of document toolkits and has helped more than 4000 organizations worldwide with their compliance.

For more guidance on implementing the Cyber Essentials scheme, we’ve put together a list of our best free resources including sample documents, blogs and downloadable documents.

Free Cyber Essentials Resources

We’ve helped more than 4000 businesses with their compliance

Testimonials

The sample documents are very rich in their scope. Our attorneys have reviewed our edits and can find no fault with what is presented.

Institute for Supply Management
USA

View all Testimonials

Cookie Control

CertiKit uses cookies to improve your user experience. Some are essential for our website to work, but for others you have a choice over which ones you’re happy for us to use.

Please set the controls below to enable or disable the types of cookies shown.

Nice to have cookies
What are these?

Advertising Cookies
What are these?

Cookie Policy