Please list the quantities and operating systems for your laptops, desktops and virtual desktops within the scope of this assessment.
What this question is really asking
Provide a list of all network ranges in scope — IP subnets, VLAN identifiers, and so on. You do not need to enumerate every sub-net, but all major segments must be listed. Assessors use this to validate your firewall configuration and device management claims.
What satisfies this requirement
A list is requiredInclude make and OS version. Windows edition and feature version required. Corporate and BYOD. Devices connecting to cloud services must be included. Note: Windows 10 users beyond 14th October 2025 must be on Microsoft Extended Security Update program.
What to prepare before your assessor visit
Assessors use this to cross-check your firewall rules and device management claims. If your stated network ranges don't match the IP blocks your devices are actually using, it suggests the network map isn't accurate — and that casts doubt on other answers. Run an actual IP inventory rather than working from memory or estimating.
How this question sits across CE versions
Related policy templates
Getting certified means having documentation to back it up. These policy templates cover the controls this question tests.
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.