Knogin
[Developers]

Cyber Essentials Assurance

An SME preparing for Cyber Essentials certification has six weeks to assemble evidence that its network boundaries, patch levels, access controls, malware defenses, and secure configuration meet the scheme's technical co

Back to All Modules
Category: ModulesLast Updated: Mar 25, 2026
modulescompliance

Overview#

An SME preparing for Cyber Essentials certification has six weeks to assemble evidence that its network boundaries, patch levels, access controls, malware defenses, and secure configuration meet the scheme's technical controls. The compliance team cannot afford to discover on the day before the assessor arrives that one of the five control areas has stale or incomplete evidence. Cyber Essentials Assurance gives them a live view of evidence pack readiness and the current assessment score throughout the preparation period, not just at the point of formal submission.

The module provides an operational view of evidence-pack readiness, overall assessment score, and current verdict for organisations preparing for Cyber Essentials and Cyber Essentials Plus style reviews. Security and compliance teams can track how many evidence packs have been generated, what the latest readiness score looks like, and whether the current posture is trending toward a passing outcome, all without waiting for a point-in-time assessment.

Open Standards#

  • Cyber Essentials (NCSC/IASME scheme): The module is structured directly around the five mandatory control families defined by the UK government's Cyber Essentials scheme (Firewalls, Secure Configuration, User Access Control, Malware Protection, and Patch Management), producing evidence packs and verdicts aligned to Cyber Essentials and Cyber Essentials Plus pass thresholds.
  • CVE (Common Vulnerabilities and Exposures): Patch management evidence collection queries for CVE-tagged vulnerability scan events and tracks unresolved critical CVEs within the required 14-day remediation window, using the industry-standard CVE identifier format maintained by MITRE.
  • CVSS (Common Vulnerability Scoring System): The patch management collector differentiates critical-severity findings from lower-severity ones, reflecting the CVSS severity tiers used by the NVD and required by CE+ guidance to prioritise remediation.
  • OAuth 2.0 / OpenID Connect: All evidence pack queries and mutations are protected by the platform's authentication layer, which issues and validates tokens according to OAuth 2.0 and OIDC, enforcing the authenticated access controls that CE+ User Access Control evidence itself attests to.
  • GraphQL (June 2018 specification): Evidence pack generation, retrieval, and readiness queries are all exposed via a typed GraphQL API, enabling structured, schema-validated access to assurance data from compliance tooling and dashboards.
  • RFC 4122 (UUID): Each generated evidence pack is assigned a universally unique identifier conforming to RFC 4122, providing a stable, collision-resistant reference for audit trails and assessor submissions.
  • JSON (ECMA-404 / RFC 8259): Per-family evidence items and control results are serialised and stored as JSON, ensuring evidence packs can be exchanged with external assessors and tooling without proprietary encoding.

Last Reviewed: 2026-03-25 Last Updated: 2026-04-14

Key Features#

  • Evidence Pack Tracking: Shows how many assurance evidence packs are currently available for review, giving compliance teams a clear view of preparation progress.
  • Latest Score Visibility: Surfaces the latest overall score to support readiness monitoring throughout the preparation cycle, not just at submission.
  • Verdict Awareness: Displays the current pass, CE Plus, or fail-style verdict for rapid executive review without requiring access to detailed evidence bundles.
  • Generation Recency: Highlights when the latest evidence pack was generated so teams can spot stale assurance material and trigger a refresh before audit activity.
  • Compliance and Security Alignment: Bridges technical security posture with formal assurance preparation, ensuring that the evidence presented to assessors reflects current operational reality.

Use Cases#

  • Assessment Preparation: Security teams monitor whether enough evidence has been assembled before a Cyber Essentials review, with enough lead time to address gaps.
  • Continuous Readiness Tracking: Organisations maintain an up-to-date view of current assurance posture rather than waiting for periodic point-in-time assessments that may miss configuration drift.
  • Executive Assurance Reporting: Leaders review the latest score and verdict without opening detailed evidence bundles or requiring technical interpretation.
  • Evidence Refresh Management: Compliance teams detect stale evidence packs and trigger an updated assurance run before audit activity begins.

Integration#

  • Evidence-pack generation workflows.
  • Security assurance and compliance operations.
  • Cyber and risk workbenches.
  • Reporting and audit-preparation processes.

Ready to Build?

Get started with our APIs or contact our integration team for support.