Cyber Security Assessment for Schools
Get a clear, jargon-free picture of your school's cyber security posture with a comprehensive assessment from SchoolCare. We evaluate your systems against the Cyber Essentials Digital and Technology Standards and NCSC guidance, identifying vulnerabilities and delivering a prioritised, costed action plan.
Assessment Scope
Cyber Essentials Alignment
Our security assessments align with Cyber Essentials standards, ensuring your school meets government-backed cybersecurity requirements. We verify compliance across key technical controls and provide clear evidence for external audits and government submissions.
Internal Assessment
Comprehensive review covering servers, switches, wireless infrastructure, and endpoints across your internal network.
Cyber Essentials Standards Check
Configuration review of firewall rules, web filtering, and content monitoring against best-practice standards. Dedicated evaluation against all five Cyber Essentials technical controls: firewalls, secure configuration, user access control, malware protection, and security update management.
Backup & Recovery
Assessment of backup and disaster recovery arrangements against Cyber Essentials requirements, ensuring you can recover from an incident.
Access Control Audit
Review of user accounts, permissions, and access controls including MFA readiness across all critical systems.
100-Point Assessment Framework
Structured assessment across 100 security control points spanning eight domains. Each control is individually scored, giving your school a clear benchmark, a percentage compliance score, and a prioritised improvement roadmap that maps directly to Cyber Essentials and Cyber Essentials requirements.
The Assessment Process
1. Free Consultation
Initial discussion of your setup, concerns, and compliance requirements. No obligation, no jargon.
2. Discovery & Scanning
A combination of remote scanning and on-site assessment tailored to your school’s infrastructure. Our hybrid approach minimises disruption while ensuring comprehensive coverage of both cloud-hosted and on-premise systems.
3. Analysis & Report
Prioritised findings with an executive summary for senior leadership and governors, plus technical detail for IT staff. Your 100-point score provides a clear benchmark for tracking improvement over time.
4. Roadmap Meeting
Face-to-face presentation with a costed improvement plan tailored to your budget and priorities.
5. Remediation
SchoolCare implements all recommended fixes, working around term dates to minimise disruption.
6. Ongoing Assurance
Regular rescanning and annual reassessment to ensure your security posture continues to improve.
Our 100-Point Cyber Assessment
Every SchoolCare cyber assessment follows a structured 100-point framework spanning eight security domains. Each control point is individually scored, giving your school a clear, measurable benchmark and a prioritised roadmap to stronger security.
Network Security — 15 Points
Firewall configuration and rule review, network segmentation between staff/student/guest/IoT networks, DNS filtering, intrusion detection, VPN configuration, remote access security, wireless network encryption and authentication standards.
Endpoint Protection — 15 Points
Antivirus and anti-malware deployment and currency, endpoint detection and response (EDR) coverage, device encryption (BitLocker/FileVault), USB and removable media policies, browser security settings, end-of-life software identification.
Patch Management — 15 Points
OS patch currency across Windows, macOS, and Chrome OS, third-party application patching, firmware updates on network equipment, patch deployment speed against the 14-day Cyber Essentials deadline, failed patch tracking and remediation.
Access Management — 15 Points
Multi-factor authentication deployment, password policies, privileged account management, dormant account identification, shared credential elimination, leavers process verification, Active Directory/Azure AD hygiene.
Data Protection — 10 Points
Backup frequency and integrity, off-site and immutable backup verification, restore testing evidence, data classification practices, encryption at rest and in transit, GDPR-relevant data handling for pupil and staff records.
Incident Readiness — 10 Points
Documented cyber incident response plan, communication plan for parents/governors/ICO, business continuity arrangements, disaster recovery testing, insurance and RPA cyber cover evidence.
Staff Awareness — 10 Points
Training completion rates, phishing simulation results, role-specific awareness (finance, admin, SLT), new starter induction processes, policy awareness and acceptable use agreements, governor cyber awareness.
Governance & Compliance — 10 Points
Cyber Essentials Digital Standards self-assessment status, Cyber Essentials certification status, information asset register, risk register maintenance, SLT digital lead appointment, annual cyber review evidence, supplier security assurance.
How Scoring Works
Each control point is assessed as Compliant (full marks), Partially Compliant (half marks), or Non-Compliant (zero). Your overall percentage score gives an immediate picture:
- 80–100 — Strong: Well-protected with minor improvements recommended. Likely ready for Cyber Essentials certification.
- 60–79 — Developing: Foundations in place but significant gaps. Prioritised roadmap provided.
- Below 60 — At Risk: Critical vulnerabilities requiring urgent action. Accelerated remediation plan with quick wins identified.
What You Receive
- Executive summary with your 100-point score, suitable for governor reports and trust board papers
- Detailed technical findings with evidence for each of the 100 control points
- Prioritised remediation roadmap with estimated costs and suggested timeline
- Cyber Essentials Standards gap analysis showing your position against each of the six core standards
- Cyber Essentials readiness assessment identifying what’s needed for certification
- Follow-up reassessment to track score improvement (included in annual agreements)
Who It’s For
Any school or trust that wants to understand their cyber risk and build a roadmap to compliance. Particularly valuable ahead of Ofsted inspections, trust board reviews, insurance renewals, Cyber Essentials standards self-assessment, and Cyber Essentials certification. Single-school assessments start from under £1,000 with multi-site trust assessments quoted individually.
Know Where You Stand
Book your free initial consultation and get a clear picture of your school’s cyber security posture.
Ready to Transform Your School’s ICT?
Contact us today for a no obligation quote. Our team of experts are ready to help.