Cyber Essentials Scheme UK Technical Controls Compliance Audit
This checklist covers compliance with Network and Information Systems (NIS) Regulations 2018 and applicable UK statutory requirements for information technology operations. Non-compliance can result in fines up to £17 million under NIS Regulations 2018 and UK GDPR enforcement by the ICO.
- Industry: Information Technology
- Frequency: Quarterly
- Estimated Time: 20-30 minutes
- Role: IT Security Manager
- Total Items: 20
- Compliance: Network and Information Systems (NIS) Regulations 2018, UK GDPR (Data Protection Act 2018), NCSC Cyber Essentials Scheme, Computer Misuse Act 1990
Statutory Compliance, Registration & Risk Assessment
Verify statutory registrations, risk assessments, and Competent Person designation per UK law.
- Are all relevant statutory licences, permits, and registrations current, displayed where required, and available for inspection?
- Has a suitable and sufficient risk assessment been completed and communicated to relevant workers?
- Is a Competent Person designated for this area of compliance per the relevant statutory requirement?
- Attach photo of statutory registrations, risk assessment, and Competent Person appointment documentation:
Competence, Monitoring & Outstanding Actions
Verify worker competence, active monitoring programme, and outstanding corrective actions.
- Are all workers competent for their tasks (trained, experienced, or supervised as appropriate)?
- Is monitoring and measurement of key compliance indicators carried out at required frequencies?
- Number of outstanding corrective actions from previous inspection or audit:
- Attach photo of training records, monitoring reports, and corrective action tracker:
Emergency Procedures, Signage & Legal Notices
Verify emergency procedures, mandatory statutory signage, and drill records.
- Are emergency procedures documented, practiced through drills, and records maintained?
- Are all statutory notices, signage, and warnings correctly displayed per applicable regulations?
- Overall compliance with applicable UK statutory requirements:
- Attach photo of emergency drill records, statutory signage register, and compliance certificates:
Enforcement Compliance & Management Review
Verify enforcement notice compliance, management review programme, and senior accountability.
- Have all findings from previous regulatory inspections, enforcement notices, and prohibition orders been resolved?
- Is management review of the health and safety management system conducted at least annually?
- Number of open enforcement actions or improvement notices outstanding:
- Senior Responsible Officer certification of inspection completion:
Corrective Actions & Inspector Sign-Off
Document all deficiencies and assign corrective actions.
- List all deficiencies identified in this inspection:
- Overall compliance status?
- Corrective actions assigned to (name and department):
- Inspector digital signature and date:
Why Use This Cyber Essentials Scheme UK Technical Controls Compliance Audit?
This Cyber Essentials Scheme UK Technical Controls Compliance Audit helps information technology teams maintain compliance and operational excellence. Designed for IT Security Manager professionals, this checklist covers 20 critical inspection points across 5 sections. Recommended frequency: quarterly.
It ensures compliance with Network and Information Systems (NIS) Regulations 2018, UK GDPR (Data Protection Act 2018), NCSC Cyber Essentials Scheme, Computer Misuse Act 1990. It is regulatory-aligned for audit readiness and inspection documentation.
Frequently Asked Questions
What does the Cyber Essentials Scheme UK Technical Controls Compliance Audit cover?
This checklist covers 20 inspection items across 5 sections: Statutory Compliance, Registration & Risk Assessment; Competence, Monitoring & Outstanding Actions; Emergency Procedures, Signage & Legal Notices; Enforcement Compliance & Management Review; Corrective Actions & Inspector Sign-Off. It is designed for information technology operations and compliance.
How often should this checklist be completed?
This checklist should be completed quarterly. Each completion takes approximately 20-30 minutes.
Who should use this Cyber Essentials Scheme UK Technical Controls Compliance Audit?
This checklist is designed for IT Security Manager professionals in the information technology industry. It can be used for self-assessments, team audits, and regulatory compliance documentation.
Can I download this checklist as a PDF?
Yes, this checklist is available as a free PDF download. You can also use it digitally in the POPProbe mobile app for real-time data capture, photo documentation, and automatic reporting.