This website uses cookies. View our cookie policy
United Kingdom
Select regional store:

NCSC Certified Cyber Security Consultancy Scheme

The NCSC (formerly CESG)’s Certified Cyber Security Consultancy (CCSC) scheme is aimed at the public sector and private-sector organisations looking to do business with the public sector.

The new scheme replaces the CESG Listed Advisor Scheme (CLAS), which focused on individual consultants rather than consultancy firms. By introducing the CCSC scheme, CESG aimed to reduce the dependence on individual consultants, and to establish the wider credentials of consultancy companies to deliver high-quality, tailored and expert cyber security advice.

The scheme is now run by the National Cyber Security Centre (NCSC). Once registered under the CCSC scheme, consultancy organisations can apply to be listed as an approved supplier to the Crown Commercial Service (CCS).

Another benefit of the new scheme is that every certified consultancy will be assured by the NCSC.

According to CESG’s website, Certified Cyber Security Consultancies will have demonstrated that they:

  • Have a proven track record of delivering defined cyber security consultancy services;
  • Have a level of cyber security expertise supported by professional requirements defined by the NCSC;
  • Manage consultancy engagements in accordance with industry good practice;
  • Meet NCSC requirements for certified professional cyber services companies.

Organisations delivering NCSC-approved cyber security consultancy must appoint a suitably skilled NCSC Certified Professional (CCP).

NCSC Cyber Security Consultancy Service categories

There are initially four Certified Cyber Security Consultancy Service categories, and approved consultancies can offer services within these categories.

IT Governance Cyber Security Consultancy

IT Governance is not currently certified under the CCSC scheme but hopes to be an early adopter. With a strong background in ISO 27001 and cyber security, combined with extensive expertise working with both the private and public sectors, we are well placed to deliver the guidance and support required to meet the UK Government’s requirements. Our consultancy services include:

Contact us for trusted guidance and expert advice

Get in touch with a key account manager to discuss your cyber security consultancy needs today by calling us on +44 (0)333 800 7000 or by emailing us at