Please list your internet browser(s).
Section A6: Security Update Management · Cyber Essentials Montpellier
What this question is really asking
List all internet browsers used across your in-scope devices. Browsers are a significant attack surface and must be supported versions with updates applied. Assessors will cross-check this list against your patching answers in A6.4-A6.5 — any browser listed must have auto-updates enabled or a managed update process in place.
What satisfies this requirement
A list is requiredVersion required. e.g. Chrome Version 102, Safari Version 15.
What to prepare before your assessor visit
Don't forget browsers that are installed but 'nobody uses anymore'. If it's installed on a device, it is in scope. Run a software inventory that captures all installed applications, not just which browser opens by default. Chrome and Edge typically auto-update, but only if the browser is actually restarted — users who rarely restart can end up running outdated versions despite auto-update being nominally enabled.
How this question sits across CE versions
Related policy templates
Getting certified means having documentation to back it up. These policy templates cover the controls this question tests.
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.