Template
Cyber Essentials MFA evidence log template
An MFA evidence log for Cyber Essentials, covering every cloud platform, every admin account and the MFA method enforced.
What this template helps with
- Proving MFA is enforced for admins on every cloud service
- Documenting MFA methods (app, key, SMS)
- Tracking exceptions and compensating controls
What is included
- Per-platform, per-admin rows
- MFA method and enforcement status
- Notes for exceptions
Who it is for
- SMEs evidencing MFA across SaaS platforms
- Teams preparing assessor evidence on user access
Preview
Copy the structure below or build it properly in Evaud.
| Platform | Admin | MFA enforced | Method | Notes |
|---|---|---|---|---|
| Microsoft 365 | alex@example.com | Yes | App | Conditional access |
| Google Workspace | n/a | n/a | — | Not used |
| Accounting SaaS | finance@example.com | Yes | App | — |
| CRM | sales@example.com | Yes | App | — |
| Legacy admin tool | ops@example.com | No | — | IP allowlist + plan to retire |
Build this properly in Evaud
Get the structure above, plus owners, review dates, file uploads and the read-only assessor view.
Frequently asked questions
Evaud helps organise Cyber Essentials evidence and readiness information. It is not a certification body and does not guarantee certification.
Start building your Cyber Essentials evidence today.
Free to try. No credit card required.