Cyber Essentials FAQs

Speak to an expert

Purchase a short Live Online consultancy session with one of our experts. It's ideal for organisations that are unsure about the scheme’s requirements, which option to choose, or how to define the scope of the certification. 

Alternatively, please contact our team for further advice on our Cyber Essentials products and solutions.

General information about the scheme

Changes to the Cyber Essentials scheme in 2022

Why should we get a Cyber Essentials certificate?

What is required for certification to Cyber Essentials?

What is required for certification to Cyber Essentials Plus?

Who will conduct the assessments for Cyber Essentials and Cyber Essentials Plus?

How long will it take between submitting our online SAQ and receiving our certificate?

Application process

What can we expect from the Cyber Essentials application process?


Where can we display our Cyber Essentials certificate?

How do we renew our Cyber Essentials certificate?

Guidance about the certification process

Cyber Essentials Certification

How can I get more guidance about the certification process?

Defining the scope

How do we define the scope?

How do we determine IP addresses? (Cyber Essentials Plus only)

What should we do if we have more than 16 IP addresses?

How do we determine how many workstations, mobile devices and build types need to be tested for Cyber Essentials Plus?

What should we do if we have more than ten sample devices?

Vulnerability scanning

Why must we have vulnerability scans/penetration tests provided by a third party?

Cyber Essentials and ISO 27001 certification

Should we apply for a Cyber Essentials badge in addition to our ISO 27001 certification?

Can Cyber Essentials replace ISO 27001?

Which should we start first: Cyber Essentials, ISO 27001, or both at the same time?

This website uses cookies. View our cookie policy
WIN £100