SEQ IT Achieves SMB1001 Gold Certification | Cyber Security for Small Business

May 2024 Cyber Security

SEQ IT Services has achieved SMB1001 Gold certification from CyberCert, making us one of the first managed service providers in South East Queensland to reach this level of cyber security maturity.

SMB1001 Gold Certified

Certified through CyberCert. Developed by Dynamic Standards International. Gold represents risk-based cyber security maturity, requiring advanced technical controls, formal governance, documented incident response capabilities, and active cyber insurance.

Achieving SMB1001 Gold means we have implemented and maintain a comprehensive set of cyber security controls across our own operations. This is the standard we hold ourselves to before we apply it to our clients' environments.

As a CyberCert Certification Partner, we also guide our clients through the SMB1001 certification process. Having achieved Gold ourselves, we bring direct, practical experience with every control required at this tier and below.

What Is SMB1001?

SMB1001 is a cyber security certification standard developed in Australia by Dynamic Standards International (DSI) and administered through CyberCert. It was designed specifically for small and medium businesses, providing a practical, affordable, and structured path to demonstrable cyber security maturity.

The standard uses a tiered certification model, allowing businesses to start at the level that matches their current capability and progress over time. Gold is where most compliance-driven businesses should aim, particularly those in regulated industries, handling sensitive data, or responding to supply chain security requirements. Tiers above Gold exist for businesses with specific governance and assurance requirements, such as those in defence supply chains or critical infrastructure.

SMB1001 is updated annually to stay aligned with the evolving threat landscape. It aligns with several recognised frameworks including the Australian Essential Eight, UK Cyber Essentials, and the US Cybersecurity Maturity Model Certification (CMMC). This means achieving SMB1001 Gold also positions your business well against broader compliance frameworks.

What SMB1001 Gold Certification Involves

SMB1001 Gold requires a business to demonstrate that it has implemented and maintains a comprehensive set of controls spanning technical security, governance, physical security, and business continuity. It is the level the Queensland Law Society recommends as a reasonable standard for professional firms.

Achieving Gold is not simply a matter of ticking boxes. It requires that the controls are actively implemented, maintained, and embedded in the business's day-to-day operations.

SMB1001 Gold Controls

  • Endpoint Detection and Response (EDR/MDR)
  • MFA on all business applications and accounts
  • Formal cyber security policy
  • Cyber incident response plan
  • Cyber insurance maintained
  • Digital asset register
  • AI acceptable use policy
  • Secure physical document destruction
  • Secure device disposal procedures
  • RDP restricted to VPN only
  • Staff cyber security awareness training
  • Email authentication (SPF, DKIM, DMARC)
  • Individual user accounts for all staff
  • Admin privileges removed from standard accounts
  • Password manager system
  • Automated patching across endpoints and servers
  • Firewalls configured on all networks
  • Backup and recovery strategy
  • TLS certificates on all public websites
  • Invoice fraud management policy

What This Means for Our Clients

When you choose an IT provider, you are trusting them with your data, your systems, and your business continuity. You are granting them administrative access to your infrastructure. The question every business should ask is: does your IT provider hold themselves to the same security standards they recommend for you?

Our SMB1001 Gold certification is verifiable proof that we do. It means our own operations are secured with the same controls, policies, and procedures we implement for our clients.

We Practice What We Recommend

Every control we implement for clients is already running in our own environment. We have been through the process, dealt with the practical challenges, and refined our approach based on real experience.

Your Supply Chain Is Stronger

If your business is being asked about its supply chain security, having a Gold-certified IT provider strengthens your position. Our certification independently verifies the security of the partner managing your infrastructure.

Cyber Insurance Alignment

The controls required for SMB1001 Gold overlap significantly with what cyber insurers expect: MFA, EDR, patching, backups, and incident response planning. These are exactly the controls insurers evaluate when assessing your risk.

CyberCert Certification Partner

As an official CyberCert Certification Partner, we guide clients through SMB1001 certification up to Gold. We handle the assessment, technical implementation, documentation, and certification submission.

SMB1001 Is Gaining Momentum Across Australia

SMB1001 is no longer a niche standard. It is being endorsed, recommended, and adopted across Australian industries and professional bodies.

The Queensland Law Society has formally recommended SMB1001 to its members, advising law firms to work towards Gold certification as a reasonable standard for cyber resilience and professional assurance. The Australian Computer Society (ACS) has partnered with CyberCert to offer SMB1001 certification pathways to its members, with a particular focus on supporting MSPs and regional Queensland businesses. Major cyber security and data protection vendors have also formed partnerships with CyberCert to validate their platforms against SMB1001 requirements, making certification more streamlined for managed service providers and their clients.

Originally developed in Australia, SMB1001 is now recognised internationally and continues to expand. For small and medium businesses, this growing recognition means that SMB1001 certification is increasingly being requested by clients, required by insurers, and expected in tender responses. Getting certified now positions your business ahead of the curve.

SMB1001 Gold is increasingly recognised by clients, insurers, and government agencies as an appropriate level of cyber security certification for Australian small and medium businesses.

We Can Help You Get SMB1001 Certified

As a CyberCert Certification Partner and SMB1001 Gold certified provider, we guide businesses through the entire certification process up to Gold. We assess your current posture, implement the required technical controls, develop the governance documentation, collect the evidence, and submit your certification application through CyberCert.

Most businesses on our managed IT or managed security plans already have many of the foundational controls in place. Achieving certification is often a matter of formalising what is already there, closing a few specific gaps, and documenting the evidence.

Frequently Asked Questions

What is SMB1001 Gold certification?

SMB1001 Gold is a cyber security certification within the SMB1001 standard developed by Dynamic Standards International and administered by CyberCert. Gold requires a business to implement advanced technical controls including EDR/MDR, MFA across all business applications, formal cyber security policies, a documented incident response plan, cyber insurance, and secure device and document disposal procedures. It is the level most compliance-driven businesses should aim for.

What is CyberCert?

CyberCert is the certification body that administers SMB1001 certification in Australia and internationally. CyberCert manages the certification and verification process. Anyone can verify an organisation's SMB1001 certification status through the CyberCert public verification portal.

Why does it matter if my IT provider is SMB1001 certified?

Your IT provider has administrative access to your systems, data, and infrastructure. If they are compromised, you are compromised. An IT provider with SMB1001 Gold certification has verifiable proof that their own operations meet a recognised cyber security standard. It also means they have practical, hands-on experience with the controls they are implementing for your business.

Can SEQ IT help my business get SMB1001 certified?

Yes. We are an official CyberCert Certification Partner and we certify clients up to Gold. We assess your current posture, implement the technical controls, develop the required policies and documentation, compile the evidence, and submit your certification through CyberCert. The initial readiness assessment is free.

How can I verify SEQ IT's certification?

You can verify our SMB1001 Gold certification directly through CyberCert's public verification portal at verify.cybercert.ai. This is independent third-party verification that anyone can access.

Ready to Get Your Business Certified?

Book a free SMB1001 readiness assessment. We will review your current security posture, identify the certification level you are closest to, and give you a clear plan to get there.

Book a Free Assessment or call 1300 619 750