Skip to content

Cyber Essentials Pre-Assessment


As part of the Digital Boost Development Grant, included for every successful candidate is the Cyber Essentials Pre-Assessment (CEP-A). Working with ourselves, the Scottish Business Resilience Centre (SBRC) and our Trusted Partner network, you will first complete a self-assessment questionnaire (with guidance if needed). Following this you will receive a gap analysis giving you a clear picture of your cyber security posture and identifying any key deficiencies that you may need to address to become more cyber secure.

Having a robust security system means that the vast majority of the most common internet borne cyber attacks will be prevented and if they do occur, the impact will not be as devastating as they would have been if no measures were in place. The CEP-A will help you take advantage of digital technologies and allow you to focus on creating new market opportunities and growing your business safely online.

Guidance and advice will be offered to you throughout by some of the leading cyber security professionals in Scotland; a great opportunity to have all your cyber related questions answered. The CEP-A works in line with Cyber Essentials, a Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.

To take full advantage of this assessment your organisation will need to ensure the key people are involved in answering the self-assessment questions. The CEP-A costs £800 (plus VAT) and will be covered retrospectively by this grant. On confirmation of receiving the Digital Boost Development Grant SBRC will invoice you this fee. Once paid, you will need to submit proof of payment in a form of a bank statement to DBDG and they will reimburse you within 5 working days of verification of submitted evidence. The CEP-A is compulsory, and the deadline is 3 months from the date of Trusted Partner allocation

We will be conducting webinars open to all clients throughout the duration of the project, which will offer you the opportunity to get all your questions answered about the CEP-A and cyber in general.
Available sessions (click to register):

Sessions are now finished.

The Process

Step 1

Get grant acceptance from Digital Boost.

Step 2

SBRC will invoice you £800 (plus VAT). Once you have paid this invoice, you will need to submit proof of payment in form of a bank statement to DBDG and they will re-imburse you within 5 working days of verification of submitted evidence. Non-VAT registered companies will also receive the VAT. VAT registered companies will be able to claim this back through HMRC.

Step 3

You will now be introduced to the Trusted Partner who will take you through the practical CEP-A process. They will reach out to you with a self assessment questionnaire for you to complete, give you guidance on completing it and set up a call if necessary to answer any questions.

Step 4

You (and potentially your IT provider if you have one) will now fill out the self assessment questionnaire to the best of your knowledge. If any of the questions don’t make sense, don’t worry! Your Trusted Partner is there to assist you with any difficulties in completing it. Feel free to reach out to them with any questions.
It is vital at this step to ensure the key people involved in managing the IT in your organisation are supplying the answers. 

Step 5

On completion, please return the form to your Trusted Partner. They will now analyse your answers and pull together a gap analysis report based on these. This report will show you any deficiencies in your cyber posture, and give guidance on what you can do to rectify them. You will be able to set up a call with your Trusted Partner to run through the results, and have them explain them in further details.

Step 6

Your Trusted Partner will let us know the Gap Analysis Report has been issued and we will reach out to you to confirm you have now completed the Cyber Essential Pre-Assessment. We will also issue a  Signposting Document containing handpicked guides and services from sources across the cyber security spectrum. What you do next in your cyber journey is up to you. Actioning the results from your gap analysis should be top of your list. If you want to get involved in more cyber related activities we have plenty to offer in terms of resources and practical cyber exercising, like Exercise in a Box.


Additional Info

Not found what you were looking for? Here are some options to help you out.

  • Frequently Asked Questions

    Click above for the answers to some of the frequent questions we get asked about CEP-A.

  • Email 

    Reach out to us at [email protected] with your question.

  • Web chat

    Write to us in the chat pop up in the bottom left of your screen. The chat is only available during working hours.

If you have any questions regarding the main part of you grant you will need to contact the Digital Boost team directly.

Cyber services

Useful Resources

Cyber essentials

Incident Response

In partnership with Scottish Government and Police Scotland, SBRC has launched the UK’s first cyber incident response helpline for the SME community and the third sector to help victims of cybercrime understand what support is immediately available to them and help them recover.

The number to call is:

01786 437 472

Exercise in a box

Exercise in a Box

A free, 90 minute non technical workshop which helps organisations find out how resilient they are to cyber attacks and practise their response in a safe environment.

On completion you will leave comforted knowing you have done everything you can to protect your organisation, or with a to-do list to strengthen your organisation

Scottish Business Resilience Centre

Business resources

We have a comprehensive suite of cyber security tips, advice and best practice available to download from our resource library.

Resources include information on:

  • Ransomware
  • Reputation management
  • Serious organised crime and the threat to your business

Upcoming Events