CompliWiseAI
Cybersecurity · UK

Cyber Essentials documentation generator

Cyber Essentials is the UK government-backed scheme that guards against the most common cyber attacks through five technical controls. It's an affordable, popular entry point to cyber assurance for SMEs.

Cyber Essentials is the most accessible cyber certification for UK SMEs and is increasingly required to win public-sector and enterprise contracts. It focuses on five technical controls — firewalls, secure configuration, user access control, malware protection and security update management. CompliWiseAI generates the supporting policies and asset inventory you need to evidence each control and complete your self-assessment.

Documents we generate for Cyber Essentials

6 required documents, each tailored to your company and structured for audit.

Cyber Essentials Scope & Asset Inventory

Required

Defines the assessment boundary and inventories devices, software and cloud services.

Policy · CE Scope

Firewalls & Internet Gateways Policy

Required

Boundary firewalls and gateways protecting internet-connected devices.

Policy · CE Control 1

Secure Configuration Policy

Required

Removing insecure defaults and unnecessary functionality.

SOP · CE Control 2

User Access Control Policy

Required

Least-privilege access, administrative accounts and MFA.

Policy · CE Control 3

Malware Protection Policy

Required

Anti-malware, application allow-listing and safe downloads.

Policy · CE Control 4

Security Update Management Policy

Required

Applying security updates promptly (criticals within 14 days).

SOP · CE Control 5

Home & Mobile Working (BYOD) Policy

Securing home working and personal devices within scope.

Policy · CE Scope

Cyber Essentials readiness checklist

  • Scope and asset inventory defined
  • Firewalls and gateways configured
  • Secure configuration applied
  • User access control with MFA
  • Malware protection in place
  • Security updates applied within 14 days
  • Self-assessment questionnaire submitted

Cyber Essentials — frequently asked questions

What are the five Cyber Essentials controls?+

Firewalls and internet gateways, secure configuration, user access control, malware protection, and security update (patch) management. Cyber Essentials Plus adds a hands-on technical audit.

Who needs Cyber Essentials?+

Any UK organization wanting affordable cyber assurance — it's often mandatory for UK government contracts and increasingly requested by enterprise customers.

Is Cyber Essentials enough, or do I need ISO 27001?+

Cyber Essentials covers baseline technical controls; ISO 27001 is a full management system. Many SMEs start with Cyber Essentials and move to ISO 27001 as they grow. CompliWiseAI supports both.

Start your Cyber Essentials documentation free

Create a workspace, add Cyber Essentials, and generate your first audit-ready document in minutes.