

Cyber Essentials is a UK government-backed certification scheme designed to help organizations strengthen their cybersecurity posture and build stakeholder trust more effortlessly. Though voluntary, it provides organizations with a practical framework for optimizing their critical security controls and enhancing protection against common cyber threats.
To help you achieve Cyber Essentials certification, our comprehensive guide will cover all the essential information, including:
- Cyber Essentials overview and key control areas
- Benefits of achieving certification
- Steps to completing the certification process
What is Cyber Essentials?
Cyber Essentials is a security accreditation program developed by the UK’s National Cyber Security Center (NCSC). The program’s main purpose is to help organizations fortify their security posture by implementing industry-accepted cybersecurity controls.
While the framework’s implementation is voluntary, it is highly beneficial for UK-based organizations of all sizes and sectors, especially those aiming to bid for central government contracts.
Still, organizations can opt for Cyber Essentials certification even if they’re based outside the UK, thanks to the framework’s location-agnostic scope and controls. The prescribed security measures are universally applicable and can improve the security posture of any organization.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
Cyber Essentials: An overview of controls
Cyber Essentials is built around the following five control areas:
Cyber Essentials evolves continuously to address changes in the cybersecurity landscape, making it important to stay updated on the latest recommendations.
Why you should implement Cyber Essentials
The main reason for adopting Cyber Essentials is to effectively mitigate common security threats and ensure business continuity. Other notable advantages include:
- Demonstrating trust and commitment to cybersecurity: A Cyber Essentials certificate shows that you not only comply with mandatory regulations but also voluntary frameworks, showcasing your commitment to industry-standard security practices
- Supply chain security: Cyber Essentials analyzes the impact of downstream and upstream vendors on your security posture, fortifying your controls to ensure higher supply chain security
- Easier regulatory compliance: By implementing Cyber Essentials controls, you’ll get a head start for ensuring compliance with the more complex standards and regulations focused heavily on cybersecurity
- Accessible cyber liability insurance: Including your entire IT infrastructure in the Cyber Essentials assessment may make you eligible for insurance coverage against common security attacks, helping you recover from their impacts
- Meeting contractual or legal requirements (for UK entities): Cyber Essentials is widely adopted among UK entities, so aligning with it helps you stay competitive and meet the requirements of a recognized cybersecurity framework
- Competitive advantage during bidding: To bid on government contracts, a Cyber Essentials certificate may be either an advantage or a necessity to ensure you’re eligible and can contribute to the security of the public sector
Cyber Essentials certification process: 5 steps to follow
Cyber Essentials offers two certification levels:
- Cyber Essentials
- Cyber Essentials Plus
The certification process for both levels begins with a self-assessment against Cyber Essentials controls. However, Cyber Essentials Plus requires an additional step—a third-party audit to validate your self-assessment results.
Regardless of your chosen certification level, you can follow these steps to get certified efficiently:
- Download the CE self-assessment questionnaire (SAQ)
- Scope the assessment
- Perform a security review
- Remediate compliance gaps
- Apply for certification
Below we’ll discuss each step in more detail.
1. Download the Cyber Essentials self-assessment questionnaire (SAQ)
To familiarize yourself with Cyber Essentials requirements and lay the groundwork for your internal audit, you can download the self-assessment questionnaire from the IASME website. The questionnaire covers all the controls you should implement, making it an excellent resource to help your organization prepare for the certification process.
As of this writing, there are two versions of the SAQ for Cyber Essentials—one for applications before April 2025 and another for those after. Be sure to choose the correct version based on when you plan to pursue certification. While the two versions differ minimally, you must use the correct one to ensure adequate readiness.
You can download the question set in PDF or Excel, along with two accompanying resources:
- NCSC Requirements for Infrastructure: Provides additional context and helpful guidance for successful Cyber Essentials implementation
- Cyber Essentials Plus Illustrative Test Specification: Outlines the specific testing procedures your organization will go through if you opt for Cyber Essentials Plus
Reviewing these resources before starting any preparation activities is essential to fully understand the workflows you’ll need to implement. If necessary, consult with your IT and security teams for input to ensure you’re familiar with the contents.
2. Scope the assessment
The scope of a Cyber Essentials assessment can vary based on which components of your IT infrastructure require the most assurance. While you have some flexibility in choosing these elements, it’s highly beneficial to include your entire infrastructure in the assessment.
Besides increased confidence in your cybersecurity posture, doing so is necessary to potentially qualify for cyber liability insurance. While the assessment (and the accompanying audit in the case of Cyber Essentials Plus) may be more extensive, the increased assurance and the added security buffer make it well worth the effort.
Still, in some cases, scoping your entire infrastructure may be impractical or unnecessary. For example, you may not want to include unsupported software that doesn’t offer regular updates in the assessment, as it falls outside of the security monitoring requirements.
Additionally, organizations with complex networks or multiple geographic locations may define a subset scope instead of including their entire infrastructure. Still, for a subset scope to be valid, in-scope and out-of-scope systems must be clearly segmented, which is typically done through network separation, authentication controls, or distinct physical locations.
3. Perform a security review
After familiarizing yourself with the SAQ, review the questions to perform a security review and determine your current standing. Depending on the assessment scope, this process might involve various activities, such as:
- Policy reviews
- Vulnerability scans
- Penetration testing
If you pursue Cyber Essential Plus certification, the third-party auditor will also perform many of those activities, so a comprehensive self-assessment lets you prepare for the audit and ensure all the relevant controls are in place.
The main challenge is that self-assessments can be burdensome, especially for resource-constrained organizations. This is particularly true if you rely on manual processes and disparate systems that can hinder the following key activities:
- Asset inventory and review
- Control testing
- Evidence collection
Ideally, you’ll streamline these processes with a dedicated software solution that unifies the key data and automates as many activities as possible to free up more time and resources for your team.
4. Remediate compliance gaps
Your self-assessment results should serve as the basis of your gap remediation plan. If your security program is not highly mature, there may be numerous gaps to close before you can confidently apply for Cyber Essentials certification.
To lay out a detailed remediation plan, you can use the SAQ and the NCSC Requirements for Infrastructure document. The latter can be particularly useful because it is well structured and clearly outlines the requirements within each control area.
As you remediate Cyber Essentials gaps, you may need to modify or implement new security-related processes. These changes can become overwhelming and challenging to adapt to, so to prevent this and minimize operational disruptions, introduce any changes and additions gradually.
{{cta_withimage22="/cta-modules"}} | The Audit Ready Checklist
5. Apply for certification
After completing gap remediation, perform the final assessment of your controls to ensure alignment with the Cyber Essentials requirements. Once you’re confident in the effectiveness of your controls, you can apply for certification.
If you’re pursuing Cyber Essentials Plus, prepare for the audit thoroughly by checking the Illustrative Test Specification for details on the technical assessments the auditor will perform, including:
- Malware protection checks
- Multi-factor authentication testing
- Account separation tests
Besides observed evidence, the auditor will likely ask for documented proof of the existence and effectiveness of your controls, including those related to policies. Use IASME’s resources to prepare all the necessary documentation ahead of the audit and streamline the process.
How much does Cyber Essentials cost?
The cost of Cyber Essentials mainly depends on your organization’s size and the chosen certification level. The cost for base-level certification is as follows:
For the exact cost of Cyber Essential Plus, you can contact IASME.
Besides the costs of the certification itself, you should factor in the expenses you may incur to identify and remediate compliance gaps. The increased assurance and implementation of industry-standard cybersecurity controls often justify the total investment.
You can also considerably cut the overall costs by removing inefficiencies from your assessment processes. To do so, you can leverage a capable security and compliance platform.
Vanta: Your Cyber Essentials certification partner
Vanta is a comprehensive trust management platform that automates up to 70% of Cyber Essentials certification workflows, helping you implement the framework with minimal legwork and costs.
Regardless of your chosen certification level, Vanta can help you prepare more efficiently thanks to its Cyber Essentials product. The solution comes with numerous features that streamline security workflows, most notably:
- Automated evidence collection
- Centralized control documentation
- Simplified gap remediation
- Expert guidance throughout the process
To explore these features first-hand and see how Vanta’s Cyber Essentials product helps you achieve certification faster, schedule a custom demo.
{{cta_simple32="/cta-modules"}} | Cyber Essentials product page
A note from Vanta: Vanta is not a law firm, and this article does not constitute or contain legal advice or create an attorney-client relationship. When determining your obligations and compliance with respect to relevant laws and regulations, you should consult a licensed attorney.
Introduction to Cyber Essentials
What is Cyber Essentials? All you need to know

Introduction to Cyber Essentials

Cyber Essentials is a UK government-backed certification scheme designed to help organizations strengthen their cybersecurity posture and build stakeholder trust more effortlessly. Though voluntary, it provides organizations with a practical framework for optimizing their critical security controls and enhancing protection against common cyber threats.
To help you achieve Cyber Essentials certification, our comprehensive guide will cover all the essential information, including:
- Cyber Essentials overview and key control areas
- Benefits of achieving certification
- Steps to completing the certification process
What is Cyber Essentials?
Cyber Essentials is a security accreditation program developed by the UK’s National Cyber Security Center (NCSC). The program’s main purpose is to help organizations fortify their security posture by implementing industry-accepted cybersecurity controls.
While the framework’s implementation is voluntary, it is highly beneficial for UK-based organizations of all sizes and sectors, especially those aiming to bid for central government contracts.
Still, organizations can opt for Cyber Essentials certification even if they’re based outside the UK, thanks to the framework’s location-agnostic scope and controls. The prescribed security measures are universally applicable and can improve the security posture of any organization.
{{cta_withimage23="/cta-modules"}} | Cyber Essentials Checklist
Cyber Essentials: An overview of controls
Cyber Essentials is built around the following five control areas:
Cyber Essentials evolves continuously to address changes in the cybersecurity landscape, making it important to stay updated on the latest recommendations.
Why you should implement Cyber Essentials
The main reason for adopting Cyber Essentials is to effectively mitigate common security threats and ensure business continuity. Other notable advantages include:
- Demonstrating trust and commitment to cybersecurity: A Cyber Essentials certificate shows that you not only comply with mandatory regulations but also voluntary frameworks, showcasing your commitment to industry-standard security practices
- Supply chain security: Cyber Essentials analyzes the impact of downstream and upstream vendors on your security posture, fortifying your controls to ensure higher supply chain security
- Easier regulatory compliance: By implementing Cyber Essentials controls, you’ll get a head start for ensuring compliance with the more complex standards and regulations focused heavily on cybersecurity
- Accessible cyber liability insurance: Including your entire IT infrastructure in the Cyber Essentials assessment may make you eligible for insurance coverage against common security attacks, helping you recover from their impacts
- Meeting contractual or legal requirements (for UK entities): Cyber Essentials is widely adopted among UK entities, so aligning with it helps you stay competitive and meet the requirements of a recognized cybersecurity framework
- Competitive advantage during bidding: To bid on government contracts, a Cyber Essentials certificate may be either an advantage or a necessity to ensure you’re eligible and can contribute to the security of the public sector
Cyber Essentials certification process: 5 steps to follow
Cyber Essentials offers two certification levels:
- Cyber Essentials
- Cyber Essentials Plus
The certification process for both levels begins with a self-assessment against Cyber Essentials controls. However, Cyber Essentials Plus requires an additional step—a third-party audit to validate your self-assessment results.
Regardless of your chosen certification level, you can follow these steps to get certified efficiently:
- Download the CE self-assessment questionnaire (SAQ)
- Scope the assessment
- Perform a security review
- Remediate compliance gaps
- Apply for certification
Below we’ll discuss each step in more detail.
1. Download the Cyber Essentials self-assessment questionnaire (SAQ)
To familiarize yourself with Cyber Essentials requirements and lay the groundwork for your internal audit, you can download the self-assessment questionnaire from the IASME website. The questionnaire covers all the controls you should implement, making it an excellent resource to help your organization prepare for the certification process.
As of this writing, there are two versions of the SAQ for Cyber Essentials—one for applications before April 2025 and another for those after. Be sure to choose the correct version based on when you plan to pursue certification. While the two versions differ minimally, you must use the correct one to ensure adequate readiness.
You can download the question set in PDF or Excel, along with two accompanying resources:
- NCSC Requirements for Infrastructure: Provides additional context and helpful guidance for successful Cyber Essentials implementation
- Cyber Essentials Plus Illustrative Test Specification: Outlines the specific testing procedures your organization will go through if you opt for Cyber Essentials Plus
Reviewing these resources before starting any preparation activities is essential to fully understand the workflows you’ll need to implement. If necessary, consult with your IT and security teams for input to ensure you’re familiar with the contents.
2. Scope the assessment
The scope of a Cyber Essentials assessment can vary based on which components of your IT infrastructure require the most assurance. While you have some flexibility in choosing these elements, it’s highly beneficial to include your entire infrastructure in the assessment.
Besides increased confidence in your cybersecurity posture, doing so is necessary to potentially qualify for cyber liability insurance. While the assessment (and the accompanying audit in the case of Cyber Essentials Plus) may be more extensive, the increased assurance and the added security buffer make it well worth the effort.
Still, in some cases, scoping your entire infrastructure may be impractical or unnecessary. For example, you may not want to include unsupported software that doesn’t offer regular updates in the assessment, as it falls outside of the security monitoring requirements.
Additionally, organizations with complex networks or multiple geographic locations may define a subset scope instead of including their entire infrastructure. Still, for a subset scope to be valid, in-scope and out-of-scope systems must be clearly segmented, which is typically done through network separation, authentication controls, or distinct physical locations.
3. Perform a security review
After familiarizing yourself with the SAQ, review the questions to perform a security review and determine your current standing. Depending on the assessment scope, this process might involve various activities, such as:
- Policy reviews
- Vulnerability scans
- Penetration testing
If you pursue Cyber Essential Plus certification, the third-party auditor will also perform many of those activities, so a comprehensive self-assessment lets you prepare for the audit and ensure all the relevant controls are in place.
The main challenge is that self-assessments can be burdensome, especially for resource-constrained organizations. This is particularly true if you rely on manual processes and disparate systems that can hinder the following key activities:
- Asset inventory and review
- Control testing
- Evidence collection
Ideally, you’ll streamline these processes with a dedicated software solution that unifies the key data and automates as many activities as possible to free up more time and resources for your team.
4. Remediate compliance gaps
Your self-assessment results should serve as the basis of your gap remediation plan. If your security program is not highly mature, there may be numerous gaps to close before you can confidently apply for Cyber Essentials certification.
To lay out a detailed remediation plan, you can use the SAQ and the NCSC Requirements for Infrastructure document. The latter can be particularly useful because it is well structured and clearly outlines the requirements within each control area.
As you remediate Cyber Essentials gaps, you may need to modify or implement new security-related processes. These changes can become overwhelming and challenging to adapt to, so to prevent this and minimize operational disruptions, introduce any changes and additions gradually.
{{cta_withimage22="/cta-modules"}} | The Audit Ready Checklist
5. Apply for certification
After completing gap remediation, perform the final assessment of your controls to ensure alignment with the Cyber Essentials requirements. Once you’re confident in the effectiveness of your controls, you can apply for certification.
If you’re pursuing Cyber Essentials Plus, prepare for the audit thoroughly by checking the Illustrative Test Specification for details on the technical assessments the auditor will perform, including:
- Malware protection checks
- Multi-factor authentication testing
- Account separation tests
Besides observed evidence, the auditor will likely ask for documented proof of the existence and effectiveness of your controls, including those related to policies. Use IASME’s resources to prepare all the necessary documentation ahead of the audit and streamline the process.
How much does Cyber Essentials cost?
The cost of Cyber Essentials mainly depends on your organization’s size and the chosen certification level. The cost for base-level certification is as follows:
For the exact cost of Cyber Essential Plus, you can contact IASME.
Besides the costs of the certification itself, you should factor in the expenses you may incur to identify and remediate compliance gaps. The increased assurance and implementation of industry-standard cybersecurity controls often justify the total investment.
You can also considerably cut the overall costs by removing inefficiencies from your assessment processes. To do so, you can leverage a capable security and compliance platform.
Vanta: Your Cyber Essentials certification partner
Vanta is a comprehensive trust management platform that automates up to 70% of Cyber Essentials certification workflows, helping you implement the framework with minimal legwork and costs.
Regardless of your chosen certification level, Vanta can help you prepare more efficiently thanks to its Cyber Essentials product. The solution comes with numerous features that streamline security workflows, most notably:
- Automated evidence collection
- Centralized control documentation
- Simplified gap remediation
- Expert guidance throughout the process
To explore these features first-hand and see how Vanta’s Cyber Essentials product helps you achieve certification faster, schedule a custom demo.
{{cta_simple32="/cta-modules"}} | Cyber Essentials product page
A note from Vanta: Vanta is not a law firm, and this article does not constitute or contain legal advice or create an attorney-client relationship. When determining your obligations and compliance with respect to relevant laws and regulations, you should consult a licensed attorney.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
What’s a Rich Text element?
What’s a Rich Text element?The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.Static and dynamic content editing
Static and dynamic content editingA rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!How to customize formatting for each rich text
How to customize formatting for each rich textHeadings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.
Role: | GRC responsibilities: |
---|---|
Board of directors | Central to the overarching GRC strategy, this group sets the direction for the compliance strategy. They determine which standards and regulations are necessary for compliance and align the GRC strategy with business objectives. |
Chief financial officer | Primary responsibility for the success of the GRC program and for reporting results to the board. |
Operations managers from relevant departments | This group owns processes. They are responsible for the success and direction of risk management and compliance within their departments. |
Representatives from relevant departments | These are the activity owners. These team members are responsible for carrying out specific compliance and risk management tasks within their departments and for integrating these tasks into their workflows. |
Contract managers from relevant department | These team members are responsible for managing interactions with vendors and other third parties in their department to ensure all risk management and compliance measures are being taken. |
Chief information security officer (CISO) | Defines the organization’s information security policy, designs risk and vulnerability assessments, and develops information security policies. |
Data protection officer (DPO) or legal counsel | Develops goals for data privacy based on legal regulations and other compliance needs, designs and implements privacy policies and practices, and assesses these practices for effectiveness. |
GRC lead | Responsible for overseeing the execution of the GRC program in collaboration with the executive team as well as maintaining the organization’s library of security controls. |
Cybersecurity analyst(s) | Implements and monitors cybersecurity measures that are in line with the GRC program and business objectives. |
Compliance analyst(s) | Monitors the organization’s compliance with all regulations and standards necessary, identifies any compliance gaps, and works to mitigate them. |
Risk analyst(s) | Carries out the risk management program for the organization and serves as a resource for risk management across various departments, including identifying, mitigating, and monitoring risks. |
IT security specialist(s) | Implements security controls within the IT system in coordination with the cybersecurity analyst(s). |