Four situations that lead to this assessment
"A client's vendor onboarding asked whether we hold SMB1001 Bronze certification. No one in the business knew what it was."
The question has been asked. Now you need to know if you can answer it.
"A tender we're bidding on listed SMB1001 certification as a preferred attribute. A competitor already has the badge."
Certification is becoming a differentiator. Starting now gives you an advantage.
"I saw the CyberCert accreditation badge on a competitor's website. How did they get it β and can we get it too?"
Most businesses are closer to certification than they think.
"Our insurance broker mentioned SMB1001 as a way to reduce our cyber premium at next renewal."
Certification signals verified security hygiene β insurers notice.
Your MSP handles the technology. But technology is only part of the picture. SMB1001 certification covers controls that span people, processes, and systems β including areas your MSP isn't responsible for. The readiness assessment tells you the complete picture.
The scope
12 ASD Bronze controls β assessed against each one
Every control is assessed as pass or fail. No partial scores, no estimates. You know exactly what you meet and what you need to fix.
Multi-factor authentication
Unique credentials per service
Automatic application updates
Automatic operating system updates
Automated backup and recovery
Security software on endpoints
Phishing-resistant email configuration
Admin account management
Secure configuration of accounts
Device and data encryption
Staff security awareness
Incident response capability
What you receive
Plain language. Binary answers. Clear path forward.
SMB1001 Readiness Report
Binary pass or fail against each of the 12 Bronze controls, with the evidence used and the basis for each result. No ambiguity about where you stand.
Gap summary with effort estimates
A plain-language statement of which controls need work, what each gap means in practice, and what it would realistically take to close it β policy, configuration, vendor change, or something more involved.
Certification recommendation
A direct statement: proceed to certification now, or address these specific gaps first. With the reasoning. So you know whether you are weeks away from the badge or whether there is more work to do.
30-minute debrief call
Walk through the findings, ask questions about specific gaps, and understand exactly what the certification process looks like from where you are now.
How it works
Questionnaire and evidence review β no system access
Book and pay β no call required
Use the pricing configurator below to get your fixed price and book directly.
30-minute kickoff call
We confirm scope and explain exactly what evidence is needed for each control β so there are no surprises when the questionnaire lands.
Questionnaire and evidence submission
Within 24 hours of kickoff, we send a structured questionnaire covering all 12 controls. You gather evidence at your own pace β typically three to five business days. We tell you exactly what to look for.
Report and debrief delivered
CyberCraft reviews your evidence against the ASD Bronze criteria and delivers the full report within five business days of evidence received. Debrief call included.
Get your price
Fixed fee, tiered by organisation size
SMB1001 Readiness β Pricing Configurator
Three questions. Fixed price displayed immediately.
Where to next