If you have answered 'yes' to the last question, your organisation is eligible for the included cyber insurance if you gain certification. If you do not want this insurance element, please opt out here.
What this question is really asking
If you answered yes to A3.1, confirming here triggers the insurance process. Read the insurance policy terms carefully before confirming — the policy has specific inclusions and exclusions. Use a monitored email address for insurance documentation; it is sent promptly after certification.
What satisfies this requirement
Yes or NoNo additional cost. Opt out does not change the price of the assessment.
What to prepare before your assessor visit
Read the policy wording before confirming, particularly the exclusions and conditions. The included cyber insurance is a genuine benefit but it has specific terms. Assessors won't quiz you on the policy details, but knowingly confirming something you haven't read is poor practice — and the policy has conditions that require ongoing compliance to remain valid.
How this question sits across CE versions
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.