

Cyber Essentials is a certifiable framework that revolves around a comprehensive self-assessment against 40+ critical cybersecurity controls. To become certified, you should use the framework’s standardized questionnaire to complete the self-assessment before applying for a certificate.
This guide will help you achieve this by explaining the following:
- What the Cyber Essentials self-assessment questionnaire (SAQ) is
- What its components are
- How to complete the SAQ with minimal effort
What is the Cyber Essentials self-assessment questionnaire?
The Cyber Essentials SAQ is a comprehensive set of questions assessing different aspects of an organization’s IT infrastructure security. It reflects the framework’s broad security scope, letting you examine your security posture on a granular level to understand how to improve it.
The questionnaire isn’t only used for security reviews and assessments—it’s a prescriptive tool that outlines the technical controls, policies, and procedures necessary to protect your organization from common cybersecurity threats.
Unlike resources used to implement many frameworks and standards (e.g., most ISO standards), the Cyber Essentials SAQ is free to download. You can access it on the IASME website to start preparing for the certification process.
As of this writing, two versions of the questionnaire are available—one for applications submitted before April 2025 and another for those submitted after. Each version also provides access to corresponding resources that support certification, including:
- NCSC Requirements for Infrastructure
- Cyber Essentials Plus Illustrative Test Specification
The test specification can be particularly useful if you’re preparing for a Cyber Essentials Plus certification, which requires a third-party audit of in-scope controls, unlike the self-assessment required for the base-level Cyber Essentials certification.
No matter which certification level you choose, you’ll use the same SAQ to assess your security posture and implement Cyber Essentials controls. The only difference is that, for the base-level certification, a board member validates adherence to the framework’s controls. In contrast, Cyber Essentials Plus also requires an independent audit, offering greater assurance.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
Components of the Cyber Essentials SAQ
The Cyber Essentials SAQ consists of four components, as outlined in the following table:
Cyber Essentials covers over 40 technical, administrative, and procedural controls, and the SAQ can help you ensure they’re in place before pursuing certification.
How to complete the Cyber Essentials SAQ
Besides collecting basic company information and assessing your insurance eligibility, you can take the following steps to complete the SAQ accurately and efficiently:
- Understand the scoping requirements
- Review your cybersecurity posture
- Maintain evidence
- Fill in and submit the SAQ
- Plan for potential gap remediation
Below we’ll elaborate on each step and discuss the key action items.
1. Understand the scoping requirements
Ideally, the Cyber Essentials assessment will encompass your entire IT infrastructure. This is IASME’s recommendation because it eliminates unaddressed security concerns or vulnerabilities in your system. It’s also one of the key requirements for obtaining cyber liability insurance, which can cover risks such as extortion threats, regulatory fines insurable by law, and business interruptions caused by cyberattacks.
Still, this doesn’t mean every element of your IT infrastructure will be included in the assessment. Here are some components that are out of scope by default:
- Mobile and/or remote devices used exclusively for multi-factor authentication (MFA), as well as native voice and native text applications
- Wireless devices that can’t be reached by a potential attack via the internet
- Devices owned by third parties (MSP administrators, contractors, and customers)
- Routers not provided by your organization that fall outside your direct control
Whether you include the entire IT system or its specific components in the audit, you’ll need to describe the scope in the SAQ and create a comprehensive asset inventory that maps out your IT infrastructure.
{{cta_withimage22="/cta-modules"}} | The Audit Ready Checklist
2. Review your cybersecurity posture
The key advantage of the Cyber Essentials SAQ is that it can guide robust security reviews by breaking down each requirement. As you go through the questionnaire, use each requirement to assess your current standing.
Depending on the specifics of your IT infrastructure, the security review can involve a variety of activities, such as:
- Policy reviews (password policies, access management, etc.)
- Technical control checks (firewalls, configuration reviews, etc.)
- Penetration testing
- Vulnerability scans
- Vendor security reviews
Completing the questionnaire and corresponding assessments can be time-consuming for large organizations or those with complex and diverse IT infrastructures, especially if done using scattered systems and spreadsheets. This approach often leads to inefficiencies in security reviews and gap assessments, hindering certification preparation.
The easiest way to address this issue is to adopt automation-enabled compliance software. The right solution should include robust features that automate repetitive tasks to streamline your workflow.
3. Maintain evidence
Cyber Essentials requires evidence that your controls are aligned with the framework’s requirements. This evidence may be needed when answering questions or during the third-party audit.
Streamlined evidence collection and thorough documentation are essential for demonstrating the effectiveness of your controls. Beyond that, detailed documentation also simplifies regular security improvements and streamlines compliance with other frameworks. The required evidence varies by control and may come in various forms, such as:
- Update logs
- Policy document
- Screenshots
The most important aspect of evidence collection is centralization. If your evidence is scattered across email chains, documents, and folders, searching through these sources can be highly time-consuming.
This is another issue that a capable software solution can solve. If you choose to adopt one, look for a platform that offers a unified hub for all your evidence. Ideally, your chosen solution should also simplify evidence collection through automation features that pull from various data sources without requiring manual effort.
4. Fill in and submit the SAQ
As you go through the SAQ and complete your internal checks, fill in the corresponding questions to understand how aligned your security standing is with the Cyber Essentials requirements.
Remember that you’ll need to provide evidence of control implementation, so it’s crucial to answer truthfully and accurately. This is the only way to fully understand your security posture and the steps you should take to ensure Cyber Essentials compliance.
Your security and IT team members will play a particularly important role in this step as they are most familiar with the technical and administrative controls. Clear communication between departments will be crucial to ensure all responses are accurate and reflect your current security posture. Once you’re ready to submit the SAQ, visit your certification body’s CE product page to complete your submission and make the required payment.
Still, if you lack the in-house expertise necessary to answer all questions, it’s best to seek help from a compliance expert with a deep knowledge of Cyber Essentials.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
5. Plan for potential gap remediation
After completing your Cyber Essentials questionnaire, you have two options:
- Submit the SAQ and use it as a basis for gap remediation planning
- Highlight and remediate gaps before submitting the questionnaire to simplify the certification process
Gap remediation can sometimes be complex, in which case guidance from IASME can be helpful. Once the remediation is complete, you can resubmit the questionnaire and continue the certification process.
Once obtained, the certificate is valid for one year, so you’ll need to maintain certification through annual re-assessments. To make these as streamlined as possible, it’s best to monitor your controls and their effectiveness on an ongoing basis.
Still, regular monitoring and updates can be challenging without adequate software that provides real-time (or at least near real-time) insights into your controls. If you need such a solution to simplify Cyber Essentials compliance and maintain a strong security posture, Vanta will be a valuable addition to your tech stack.
Vanta helps complete Cyber Essentials workflows faster
Vanta is a comprehensive trust management platform that automates up to 70% of Cyber Essentials compliance workflows, helping you complete the SAQ quickly and without bottlenecks.
The platform’s advanced automation features are a part of the dedicated Cyber Essentials product, which is equipped with numerous functionalities that simplify security and compliance workflows, such as:
- Pre-built and custom security controls with detailed tracking
- Automated control tests supported by over 375 integrations with endpoint security software, incident management solutions, and various other platforms
- Simplified people management that fosters organization-wide adherence to the implemented policies and controls
- A convenient policy builder with templates you can use as a starting point
Whether you need support with gap remediation or plan on pursuing Cyber Essentials Plus certification, you can leverage Vanta’s partner network to find accredited auditors who can offer assistance.
If you want to see Vanta’s Cyber Essentials product live and learn how it helps you achieve and maintain compliance, schedule a custom product demo.
{{cta_simple32="/cta-modules"}} | Cyber Essentials product page
A note from Vanta: Vanta is not a law firm, and this article does not constitute or contain legal advice or create an attorney-client relationship. When determining your obligations and compliance with respect to relevant laws and regulations, you should consult a licensed attorney.
Preparing for Cyber Essentials Certification
How to complete the Cyber Essentials self-assessment questionnaire (SAQ)

Preparing for Cyber Essentials Certification

Cyber Essentials is a certifiable framework that revolves around a comprehensive self-assessment against 40+ critical cybersecurity controls. To become certified, you should use the framework’s standardized questionnaire to complete the self-assessment before applying for a certificate.
This guide will help you achieve this by explaining the following:
- What the Cyber Essentials self-assessment questionnaire (SAQ) is
- What its components are
- How to complete the SAQ with minimal effort
What is the Cyber Essentials self-assessment questionnaire?
The Cyber Essentials SAQ is a comprehensive set of questions assessing different aspects of an organization’s IT infrastructure security. It reflects the framework’s broad security scope, letting you examine your security posture on a granular level to understand how to improve it.
The questionnaire isn’t only used for security reviews and assessments—it’s a prescriptive tool that outlines the technical controls, policies, and procedures necessary to protect your organization from common cybersecurity threats.
Unlike resources used to implement many frameworks and standards (e.g., most ISO standards), the Cyber Essentials SAQ is free to download. You can access it on the IASME website to start preparing for the certification process.
As of this writing, two versions of the questionnaire are available—one for applications submitted before April 2025 and another for those submitted after. Each version also provides access to corresponding resources that support certification, including:
- NCSC Requirements for Infrastructure
- Cyber Essentials Plus Illustrative Test Specification
The test specification can be particularly useful if you’re preparing for a Cyber Essentials Plus certification, which requires a third-party audit of in-scope controls, unlike the self-assessment required for the base-level Cyber Essentials certification.
No matter which certification level you choose, you’ll use the same SAQ to assess your security posture and implement Cyber Essentials controls. The only difference is that, for the base-level certification, a board member validates adherence to the framework’s controls. In contrast, Cyber Essentials Plus also requires an independent audit, offering greater assurance.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
Components of the Cyber Essentials SAQ
The Cyber Essentials SAQ consists of four components, as outlined in the following table:
Cyber Essentials covers over 40 technical, administrative, and procedural controls, and the SAQ can help you ensure they’re in place before pursuing certification.
How to complete the Cyber Essentials SAQ
Besides collecting basic company information and assessing your insurance eligibility, you can take the following steps to complete the SAQ accurately and efficiently:
- Understand the scoping requirements
- Review your cybersecurity posture
- Maintain evidence
- Fill in and submit the SAQ
- Plan for potential gap remediation
Below we’ll elaborate on each step and discuss the key action items.
1. Understand the scoping requirements
Ideally, the Cyber Essentials assessment will encompass your entire IT infrastructure. This is IASME’s recommendation because it eliminates unaddressed security concerns or vulnerabilities in your system. It’s also one of the key requirements for obtaining cyber liability insurance, which can cover risks such as extortion threats, regulatory fines insurable by law, and business interruptions caused by cyberattacks.
Still, this doesn’t mean every element of your IT infrastructure will be included in the assessment. Here are some components that are out of scope by default:
- Mobile and/or remote devices used exclusively for multi-factor authentication (MFA), as well as native voice and native text applications
- Wireless devices that can’t be reached by a potential attack via the internet
- Devices owned by third parties (MSP administrators, contractors, and customers)
- Routers not provided by your organization that fall outside your direct control
Whether you include the entire IT system or its specific components in the audit, you’ll need to describe the scope in the SAQ and create a comprehensive asset inventory that maps out your IT infrastructure.
{{cta_withimage22="/cta-modules"}} | The Audit Ready Checklist
2. Review your cybersecurity posture
The key advantage of the Cyber Essentials SAQ is that it can guide robust security reviews by breaking down each requirement. As you go through the questionnaire, use each requirement to assess your current standing.
Depending on the specifics of your IT infrastructure, the security review can involve a variety of activities, such as:
- Policy reviews (password policies, access management, etc.)
- Technical control checks (firewalls, configuration reviews, etc.)
- Penetration testing
- Vulnerability scans
- Vendor security reviews
Completing the questionnaire and corresponding assessments can be time-consuming for large organizations or those with complex and diverse IT infrastructures, especially if done using scattered systems and spreadsheets. This approach often leads to inefficiencies in security reviews and gap assessments, hindering certification preparation.
The easiest way to address this issue is to adopt automation-enabled compliance software. The right solution should include robust features that automate repetitive tasks to streamline your workflow.
3. Maintain evidence
Cyber Essentials requires evidence that your controls are aligned with the framework’s requirements. This evidence may be needed when answering questions or during the third-party audit.
Streamlined evidence collection and thorough documentation are essential for demonstrating the effectiveness of your controls. Beyond that, detailed documentation also simplifies regular security improvements and streamlines compliance with other frameworks. The required evidence varies by control and may come in various forms, such as:
- Update logs
- Policy document
- Screenshots
The most important aspect of evidence collection is centralization. If your evidence is scattered across email chains, documents, and folders, searching through these sources can be highly time-consuming.
This is another issue that a capable software solution can solve. If you choose to adopt one, look for a platform that offers a unified hub for all your evidence. Ideally, your chosen solution should also simplify evidence collection through automation features that pull from various data sources without requiring manual effort.
4. Fill in and submit the SAQ
As you go through the SAQ and complete your internal checks, fill in the corresponding questions to understand how aligned your security standing is with the Cyber Essentials requirements.
Remember that you’ll need to provide evidence of control implementation, so it’s crucial to answer truthfully and accurately. This is the only way to fully understand your security posture and the steps you should take to ensure Cyber Essentials compliance.
Your security and IT team members will play a particularly important role in this step as they are most familiar with the technical and administrative controls. Clear communication between departments will be crucial to ensure all responses are accurate and reflect your current security posture. Once you’re ready to submit the SAQ, visit your certification body’s CE product page to complete your submission and make the required payment.
Still, if you lack the in-house expertise necessary to answer all questions, it’s best to seek help from a compliance expert with a deep knowledge of Cyber Essentials.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
5. Plan for potential gap remediation
After completing your Cyber Essentials questionnaire, you have two options:
- Submit the SAQ and use it as a basis for gap remediation planning
- Highlight and remediate gaps before submitting the questionnaire to simplify the certification process
Gap remediation can sometimes be complex, in which case guidance from IASME can be helpful. Once the remediation is complete, you can resubmit the questionnaire and continue the certification process.
Once obtained, the certificate is valid for one year, so you’ll need to maintain certification through annual re-assessments. To make these as streamlined as possible, it’s best to monitor your controls and their effectiveness on an ongoing basis.
Still, regular monitoring and updates can be challenging without adequate software that provides real-time (or at least near real-time) insights into your controls. If you need such a solution to simplify Cyber Essentials compliance and maintain a strong security posture, Vanta will be a valuable addition to your tech stack.
Vanta helps complete Cyber Essentials workflows faster
Vanta is a comprehensive trust management platform that automates up to 70% of Cyber Essentials compliance workflows, helping you complete the SAQ quickly and without bottlenecks.
The platform’s advanced automation features are a part of the dedicated Cyber Essentials product, which is equipped with numerous functionalities that simplify security and compliance workflows, such as:
- Pre-built and custom security controls with detailed tracking
- Automated control tests supported by over 375 integrations with endpoint security software, incident management solutions, and various other platforms
- Simplified people management that fosters organization-wide adherence to the implemented policies and controls
- A convenient policy builder with templates you can use as a starting point
Whether you need support with gap remediation or plan on pursuing Cyber Essentials Plus certification, you can leverage Vanta’s partner network to find accredited auditors who can offer assistance.
If you want to see Vanta’s Cyber Essentials product live and learn how it helps you achieve and maintain compliance, schedule a custom product demo.
{{cta_simple32="/cta-modules"}} | Cyber Essentials product page
A note from Vanta: Vanta is not a law firm, and this article does not constitute or contain legal advice or create an attorney-client relationship. When determining your obligations and compliance with respect to relevant laws and regulations, you should consult a licensed attorney.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Role: | GRC responsibilities: |
---|---|
Board of directors | Central to the overarching GRC strategy, this group sets the direction for the compliance strategy. They determine which standards and regulations are necessary for compliance and align the GRC strategy with business objectives. |
Chief financial officer | Primary responsibility for the success of the GRC program and for reporting results to the board. |
Operations managers from relevant departments | This group owns processes. They are responsible for the success and direction of risk management and compliance within their departments. |
Representatives from relevant departments | These are the activity owners. These team members are responsible for carrying out specific compliance and risk management tasks within their departments and for integrating these tasks into their workflows. |
Contract managers from relevant department | These team members are responsible for managing interactions with vendors and other third parties in their department to ensure all risk management and compliance measures are being taken. |
Chief information security officer (CISO) | Defines the organization’s information security policy, designs risk and vulnerability assessments, and develops information security policies. |
Data protection officer (DPO) or legal counsel | Develops goals for data privacy based on legal regulations and other compliance needs, designs and implements privacy policies and practices, and assesses these practices for effectiveness. |
GRC lead | Responsible for overseeing the execution of the GRC program in collaboration with the executive team as well as maintaining the organization’s library of security controls. |
Cybersecurity analyst(s) | Implements and monitors cybersecurity measures that are in line with the GRC program and business objectives. |
Compliance analyst(s) | Monitors the organization’s compliance with all regulations and standards necessary, identifies any compliance gaps, and works to mitigate them. |
Risk analyst(s) | Carries out the risk management program for the organization and serves as a resource for risk management across various departments, including identifying, mitigating, and monitoring risks. |
IT security specialist(s) | Implements security controls within the IT system in coordination with the cybersecurity analyst(s). |