Contained in these five categories are 34 x questions, relating to various controls and procedures that are recommended to be in place in the “defined scope of the company”. These must be individually addressed. Following completion of this, an external scan is then required. This is designed to identify vulnerabilities on the Internet facing side of the business infrastructure.
Cyber Essentials provides a framework for companies to take the necessary steps to protect themselves from the known threats concerning the storage of personal data, such as Malware, theft, accidental or intentional tampering with, or the corruption of personal data.