This website uses cookies. View our cookie policy
Close
United Kingdom
Select regional store:

Cyber Essentials for the MOD supply chain

Cyber Essentials forms part of the overall Cyber Security Model introduced by the Defence Cyber Protection Partnership (DCPP) within the Ministry of Defence (MOD). The DCPP is responsible for protecting the defence supply chain from cyber threats.


What does MOD security model involve?

The Cyber Security Model was developed by the DCPP in partnership with industry, and comprises the elements:

  • The Risk Assessment; used to measure the level of cyber risk for a contract
  • The Risk Assessment will assign one of five cyber risk profiles. 
  • Suppliers bidding for a contract must complete a Supplier Assurance Questionnaire (SAQ) evidencing that they can meet ths contract’s assessed level of cyber risk. 

How Cyber Essentials supports the MOD’s cyber security model

A contract may be given one of the five following risk profiles: not applicable, very low, low, moderate or high; which determines the number of cyber security requirements that must be fulfilled by prospective suppliers.


A minimum requirement: Cyber Essentials certificate

“For all new requirements advertised from 1st January 2016 which entail the transfer of MOD identifiable information from customer to supplier or the generation of information by a supplier specifically in support of the MOD contract, MOD will require suppliers to have a Cyber Essentials Certificate by the contract start date at the latest, and for it to be renewed annually. This requirement must be flowed down the supply chain..
..CES certification will become the baseline requirement for companies in the UK defence supply chain. Suppliers are strongly encouraged to start working towards achieving it.”

Richard Jefferys, Defence Commercial Head of Policy, Process and Procedures (P3)

Cyber Essentials certification is a minimum requirement for contracts where MOD Identifiable Information is transferred, stored or accessed electronically.


Secure your organisation with Cyber Essentials

With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as £300.

Find out more >>


Speak to an expert

Please contact our team for advice and guidance on our Cyber Essentials products and services.