The Cyber Foundations Assessment (CFA) is designed to help SMBs understand their cybersecurity baseline. Delivered by an NCSC-accredited Cyber Advisor, it focuses on essential technical controls aligned with Cyber Essentials and CIS 18, offering a practical, non-disruptive alternative to a formal audit.
The assessment includes stakeholder interviews and technical reviews, providing a clear view of strengths and vulnerabilities. It’s structured to be accessible for all stakeholders and typically takes two to three days, covering assessment, reporting, roadmap creation, and optional reassessment.
Organisations receive a maturity score aligned to CIS 18 Information Groups (IG1–IG3), with results presented in radar charts via the Saepio Cyber Security Platform. This visual benchmarking helps track progress and compare performance against similar businesses.
Reports are simple to understand and highlight how close the organisation is to Cyber Essentials Plus. With automated reporting, trend insights, and prioritised actions, the CFA offers a clear path to stronger cyber resilience.
Initial briefing call.
1.5 hour online interviews with 2 to 4 stakeholders.
By an NCSC accredited Cyber Advisor.
Creation and recommendations.
Including visual representations.