Cyber Essentials
DashboardSign Out

Lesson 2.5 — Cyber insurance questions: eligibility, opt-in and contact details

This lesson helps the learner complete the Cyber Essentials insurance questions accurately.

CE questionnaire questions: A3.1 A3.2 A3.3

What You'll Be Able to Do

By the end of this lesson, you will be able to:

  • answer the A3 insurance questions accurately
  • understand whether the organisation appears eligible for the included cyber insurance
  • make a conscious opt-in or opt-out decision
  • record the correct email contact for insurance documents where applicable.

Why This Matters

It explains the eligibility question, the opt-in decision, the insurance contact email, and why the insurance element should not be confused with the Cyber Essentials certification itself.

The most common problems are:

  • answering Yes to A3.1 without checking both head office domicile and turnover;
  • checking only turnover and forgetting the head office condition;
  • assuming eligibility for a group or subsidiary without checking the correct entity basis;
  • treating the insurance questions as technical security questions;

The Core Rule

A3 is the insurance section.

It asks:

Common Mistakes

  • answering Yes to A3.1 without checking both head office domicile and turnover;
  • checking only turnover and forgetting the head office condition;
  • assuming eligibility for a group or subsidiary without checking the correct entity basis;
  • treating the insurance questions as technical security questions;
  • assuming the insurance answers affect whether Cyber Essentials is passed;
  • opting in without knowing who should receive the documents;

Copy This

Work through the workbook activity for this lesson. Each question maps directly to the CE questionnaire.

Quick Checklist

Before moving on, make sure you can say yes to these:

  • [ ] What does A3.1 ask?
  • [ ] When should the learner answer Yes to A3.1?
  • [ ] Do the insurance questions decide whether the Cyber Essentials assessment passes?
  • [ ] Does opting out of the included insurance change the assessment package price?
  • [ ] What does A3.2 ask?

Your Action

Do this now — it takes 10–20 minutes.

Check your cyber insurance eligibility. If you want the included CE insurance, confirm your gross turnover qualifies. Record your decision in Section A1 (A3.1–A3.3).

Key Takeaway

Make a conscious opt-in or opt-out decision, use the right contact email, and make sure the policy documents are reviewed when received.

Your Workbook Activity

Complete: Cyber insurance decision record

This covers questionnaire questions: A3.1 A3.2 A3.3

Next Lesson

In the next lesson: Whole organisation or partial scope: deciding what is actually being certified

Up next

Interviews

Explore interviews with industry experts and thought leaders.