lead
  • Tel: 01491 69 3424
indigo it logo proper - final - 500x150px - 300dpi - PNG 002
Cyber Essentials Plus Logo Transparent background

SELF-ASSESSMENT FOR SMES

25-question cyber security self-assessment for SMEs

Answer 25 practical questions across five key areas of SME cyber security. In 15 minutes, you’ll get a clearer view of where your business is strong, where there may be gaps, and what to prioritise before customers, insurers or tender questionnaires ask. For best results, complete it with your senior team and answer honestly.

See where your cyber security stands

Tick each statement that currently applies to your business. There are no “right” or “wrong” answers – the aim is simply to get a clearer view of where your cyber security looks strong, where there may be gaps, and what to prioritise next.

2026 CYBER RESILIENCE REPORT

Find out more in our new 2026 Cyber Resilience Report

Read the report in full in under an hour, or jump straight to the section that answers your current question.

  1. Why Cyber Security Is Now Commercial – how cyber resilience now affects contracts, insurance and customer confidence.
  2. The Microsoft-365 Gap – the common Microsoft 365 settings SMEs miss, and the checks to make first.
  3. Cyber Frameworks Compared – when Cyber Essentials, Cyber Essentials Plus, ISO 27001, SOC 2 and NIST CSF matter.
  4. Monitoring & Evidence – what to record, review and keep ready before a customer or insurer asks.
  5. Zero Trust, Simply – how to reduce unnecessary access without slowing people down.
  6. The 90-Day Roadmap – a practical order of work: visibility, hardening, evidence and certification.  
  7. The SME Self-Assessment – a 25-question cyber security check to run with your leadership team.

 

Front cover of The 2026 SME Cyber Resilience Report by Indigo IT
Find Out More

Meet Matt, Managing Director of INDIGO IT

Making Great IT Personal and Accessible

Matt is passionate about technology and helping businesses to thrive with it. If your tech is in a tangle, he’d love to help you. Whether it’s tricky tech, cyber security, or transforming your business’s IT to achieve your goals, Matt can offer clear guidance, free from the technobabble. Ready to make headway to exceptional IT? It all starts with an informal conversation!
Schedule your meeting
Speak to us
Indigo team member profile picture 2

Frequently Asked Questions

Here are some of the most common questions businesses ask us:

What is a cyber resillience review?

A cyber resilience review checks how well the business can prevent, respond to and evidence cyber security controls. It usually covers Microsoft 365, identity, devices, backup, policies and commercial obligations.

Quarterly is a sensible rhythm for most SMEs, with extra reviews before insurance renewals, major tenders, customer audits or significant Microsoft 365 changes.

An IT and cyber security partner can help structure the evidence customers and insurers ask for, including policies, backup records, MFA evidence, Cyber Essentials documents and Microsoft 365 security settings.

Keep evidence ready: MFA status, backup testing, patching approach, Cyber Essentials position, incident response outline, Secure Score trend and a short summary of your current security posture.