The above price is based on on-site testing at one location of one type of user account on up to eight workstation builds and up to five mobile devices (smartphones, tablets*), and with 16 or fewer external IP addresses. Price includes SAQ review, external scans and certification service - Client site visits are subject to travel expenses. Expenses will be assessed and charged in arrears. (Tests for
additional IP addresses can be purchased here)
* Microsoft Surface Tablet Pro is treated as a workstation.
The duration and number of locations that must be included in the internal testing are dependent on the number of builds of user devices, including BYOD, that are within the scope of the certification.
The number of locations to be tested depends on whether all the different builds can be tested in one location. It is permissible to arrange a build to be delivered at a particular site for testing purposes, even if it is not normally deployed there, providing it accesses the Internet in its usual manner.
The number of builds is defined by the number of configurations of operating system and the suite of software installed. Examples of relevant software are listed below.
- Oracle Java
- Adobe Acrobat
- Microsoft Office
- Adobe Flash
- Mozilla Firefox
- Google Chrome
- Microsoft Internet Explorer
- Anti-virus solution
If more than one browser or Office suite is used, then each variant needs testing. If they are installed on the same build, then this is acceptable.
- All user device builds to be tested, including mobile and BYOD, must be available for testing.
- Local user accounts with username and password must be available for each user group in scope.
- Internet access from the devices being tested must allow the receipt of emails from our test domain and be accessible by our test web server (https://cybercomply.co.uk).
- Details of a user e-mail account per user group being assessed.
- Workstation builds must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software, and details of the account to be used.
- Remote registry must be enabled on the workstation builds, and no global policies that block the authenticated vulnerability scan are permitted.
- Click here for repeat testing and assessment fees >>
- Read our Cyber Essentials FAQs here.
Please contact us at email@example.com or call us on +44 (0)845 070 1750 for further details and clarification about the requirements.
Client site visits, where required, are subject to travel expenses. Expenses will be assessed and charged in arrears.