Please list the quantity of thin clients within scope of this assessment. Please include make and operating systems.
Section A2: Scope of Assessment · Cyber Essentials Montpellier
What this question is really asking
Provide the count of staff regularly working from home or other remote locations. Their devices and how they connect are in scope. Danzell extended this question to also ask about the connection method — see A2.4.2.
What satisfies this requirement
A list is requiredThin clients connecting to organisational data or services. Must be supported and receiving security updates.
What to prepare before your assessor visit
Include genuine remote workers whose primary work location is their home — not just occasional home workers. If you have 50 staff and 40 regularly work from home, you have 40 remote workers in scope. Their devices must be managed and their connection methods must be addressed. Understating remote worker numbers is one of the more common scope underreporting issues.
How this question sits across CE versions
Related policy templates
Getting certified means having documentation to back it up. These policy templates cover the controls this question tests.
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.