Skip to Main Content
Save 25% on selected auditor training courses. Find out more

Cyber Essentials and Cyber Essentials Plus Certification

Select your options below

Cyber Essentials Certification

Cyber Essentials Plus Certification

Price: £2,055.00
ex. VAT
Cyber Essentials and Cyber Essentials Plus Certification
SKU: 5567
Format: Subscription (Annual)

Bolster your organisation’s commitment to cyber security by achieving Cyber Essentials and Cyber Essentials Plus certification.

  • Includes both Cyber Essentials and Cyber Essentials Plus certificates upon successful completion of all elements.
  • Work with IT Governance, one of the founding Cyber Essentials certification bodies that remains one of the largest in the UK. We have issued more than 7,000 certifications worldwide.
  • Includes cyber insurance, access to our Cyber Security Portal to manage your application, and expert guidance from our cyber security advisers to improve your chances of passing Cyber Essentials certification first time.
  • Cyber Essentials Plus certification includes an on-site or remote assessment, internal vulnerability scans and an external vulnerability scan that offer a higher level of assurance to your stakeholders that your Cyber Essentials controls are in place.
  • Includes a pre-test call to help you get prepared for your assessment.

This is an annual subscription service. All elements of this service will renew automatically each year. Cyber Essentials certificates are valid for 12 months, in line with IASME requirements. (T&Cs apply.)

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.


Cyber Essentials and Cyber Essentials Plus Certification

This service includes both Cyber Essentials and Cyber Essentials Plus certifications. If you already have a recently acquired Cyber Essentials certification (within the previous three months), you may be able to purchase our Cyber Essentials Plus Certification.

This service is for organisations that do not need one-to-one consultancy support and are comfortable carrying out all the preparations for certification themselves.

What’s included?

  • Your Cyber Essentials and Cyber Essentials Plus certificates.
  • Access to our Cyber Security Portal to manage your application.
  • Guidance from our cyber security experts to help you understand and complete your SAQ (self-assessment questionnaire).
  • An on-site/remote assessment, internal vulnerability scans and external vulnerability scans.
  • Free cyber insurance.*

Benefits of choosing IT Governance as your certification body

 Same day turnaround for Cyber Essentials certifications

 98% customer success rate

 ‘World-Class’-rated customer service

 Over 7,000 certificates issued

 Fixed price packages at competitive rates

How the certification process works:

  • Your Cyber Essentials package will be automatically fulfilled on your account on our IT Governance Cyber Security Portal (CS Portal).
  • You log in to our CS Portal and confirm your details.
  • We send you access details for the IASME Cyber Essentials portal via email.
  • You log on to the IASME portal where you will define your scope and complete the IASME SAQ (self-assessment questionnaire) using your knowledge of the scheme and our expert guidance.
  • You confirm and submit your application on the IASME portal.
  • Subject to a positive outcome, we issue your Cyber Essentials certificate.
  • Once you are Cyber Essentials certified, you schedule the on-site/remote assessment and a pre-engagement call.
  • We conduct the internal assessment and scans on a sample of your Internet-connected devices, and then provide the results. If there are nonconformities, we will also provide feedback to help you understand how to achieve certification.
  • We schedule your external vulnerability scan.
  • Subject to a positive outcome, you receive your Cyber Essentials Plus certificate and report.

Is this service right for you?

  • You are confident in defining the scope of your assessment.
  • You have a high degree of knowledge of all five security controls and are comfortable carrying out all the preparations for certification and testing without one-to-one consultancy support.
  • You have previously certified and are looking to renew, and your scope has not changed.

Upgrade to Cyber Essentials Plus – Get A Little Help

Do you need help defining your scope or are you unclear about any of the five Cyber Essentials control areas? If so, we recommend purchasing our Cyber Essentials Plus – Get A Little Help package, as this includes remote consultancy support to help you through the application process.

Alternatively, you can purchase remote consultancy support by the hour. This service is delivered via email or Microsoft Teams by one of our cyber security experts.

Learn more about Cyber Essentials Plus – Get A Little Help

See what our customers think about this service

“Really pleased with the support offered by Matthew and the team. Straightforward advice on how to complete the form and pragmatic ways to comply with the requirements. We have been discussing getting Cyber Essentials certification since 2017 but have always put it off, being daunted by the process and speaking to IT consultants who made it sound too complicated. Working with you made the process manageable, straightforward and stress-free. Thank you for all your help!”

- Tom Lamb, A Lamb Associates Limited


“Our consultant, Terry Norton, was professional throughout and clearly had a very good knowledge of the standard and the testing, being able to help our IT Administrator ensure the relevant audit tools were installed correctly. We also found Terry friendly, patient and helpful, which is very important for remote sessions.”

- Peter Hodgson, Viewpoint Construction Software Limited


“Professional and supportive, great customer service. Maintained a dialogue without making the candidate feel under pressure with the process. Supportive throughout.”

- Rowan Irwin, T-Systems Limited


“Brilliant service from the team who were completely supportive of someone like me who runs a microbusiness and is hopeless with technical stuff. I am so grateful fo the handholding and advice you gave me.”

- Caroline


“Thanks for all your support, team – really appreciate your assistance in getting us through this in such a short space of time. Couldn’t recommend a better group of folk to work with!”

- Rowan Troy, Six Degrees Technology Group Limited


“Amazing Service, very friendly throughout and willing to help you every step through the process.”

- Ian


“IT Governance were very helpful and really focussed on what was needed to get the certification and have a more secure setup as part of the process (we did not just get assurance, we improved our assurance process).”

- Karl Axnick, Alscient Ltd


“Terry and Dan were extremely helpful, knowledgeable, and provide quick and effective answers to any query I raised.”

- Anonymous


Benefits of Cyber Essentials Plus certification

Work with the best

IT Governance is one of the founding Cyber Essentials certification bodies and remains one of the largest in the UK. We have issued more than 6,600 certifications worldwide, and our broad range of fixed-price services has helped thousands of organisations achieve baseline cyber security.

Work with the UK government and MoD

Cyber Essentials Plus will allow you to work with the UK government and MOD.

Reduce cyber insurance premiums

Cyber insurance agencies look more favourably on organisations that have achieved Cyber Essentials certification.

Secure the supply chain

The ICO (Information Commissioner’s Office) recommends Cyber Essentials as “A good starting point” for the cyber security of the IT you rely on to hold and process personal data.

Secure more business

Cyber Essentials certification is required to bid for central government contracts that involve handling sensitive and personal information or the provision of certain technical products and services.



Cyber Essentials Plus involves a technical audit of the systems that are in scope for Cyber Essentials. This includes a representative set of workstations, mobile devices, internally hosted servers, and build types used by the organisation’s end users to complete their day-to-day duties. The number of builds is defined by the number of configurations of operating systems and software suites installed. If more than one browser or Office suite is used, each variant will need to be tested. If they are installed on the same build, this is acceptable.

  • This package includes a Cyber Essentials Plus audit at one location, of one type of user account, on up to ten sample devices. One location refers to one physical office/site, or all devices/machines selected for testing being on the same network. Additional workstations, mobile devices, server devices and build types may need to be tested to meet the sampling requirements of the scheme. If you require more than ten end-user workstations or server devices to be tested, you will need to purchase Cyber Essentials Plus Certification – Additional Device Testing. This testing will be conducted remotely in most instances.
  • If you fail any of the Cyber Essentials Plus testing performed as part of the overall engagement, we will provide details of further tests required. Cyber Essentials Plus final reports must be completed no more than 30 days after the start date of the first scans. Any remediation work and required retesting must be completed with sufficient time for QA and generation of the report and certificate within this time frame. These tests will be billed separately.
  • The package includes an external vulnerability scan for up to 16 IP addresses. If you have more than 16 IP addresses, you will need to purchase additional IP packages in packs of 16. If you fail your external scan, a rescan will need to be purchased, plus any additional IP packages that you need to cover the failing IP addresses if you have more than 16 IP addresses.
  • If you ask that testing is undertaken at your business location, additional expenses will be charged to accommodate our consultant’s travel time and costs for the on-site assessment. These will be billed separately.
  • Cyber Essentials certification: if you are not successful on your first submission for Cyber Essentials, you have two working days to submit a further attempt for certification. If you are not successful on your second submission, you will need to reapply at the cost of a new application.
  • If your Cyber Essentials Plus application is not fully completed within three months of the date of your Cyber Essentials certificate, you will need to repeat your Cyber Essentials certification at full cost.
  • If your Cyber Essentials Plus application is unsuccessful, your Cyber Essentials certification may be revoked.

This Cyber Essentials and Cyber Essentials Plus package includes the cost of your Cyber Essentials certification, as set out by IASME. Additional charges are for additional services delivered.

Please ensure you select the correct package for your organisation size. Prices quoted are available for purchase online through the website only. Any purchases processed offline through our sales teams will be subject to a £50 administration fee.

Pre-test requirements

  • All user devices are subject to testing and will be agreed upon before the testing date, including workstations, server devices within scope, mobile and BYOD (bring your own device), and must be available for testing on the agreed date/during the engagement.
  • All devices within the scope of testing must be in use user devices and cannot be built specifically for testing.
  • A genuine local user account with username and password must be available for each user in scope.
  • Devices must have Internet access, allow emails from our test domain and be accessible by our test web server (
  • You must provide details of a user email account per user being assessed.
  • Workstation builds and server devices must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software, and you must provide or enter details of the administrative user account to be used.
  • Remote registry must be enabled on the workstation builds and server devices, and no global policies that block the authenticated vulnerability scan are permitted.

Customer Reviews

(5.00)stars out of 5
Number of reviews: 18
1. on 07/10/2022, said:
5 stars out of 5
Well worth the effort the great support available from IT Governance really helped
2. on 28/03/2022, said:
5 stars out of 5
Richard, our assessor was brilliant and patient and took us through without any issues. Totally professional and would definitely recommend him.
3. on 28/03/2022, said:
5 stars out of 5
The assessors were brilliant, really helpful and extremely well versed in cyber security. They provided some great information on things we could be doing better and gave us some things we should be aware of that will be part of the testing next year. A great bunch of people to spend 5 hours on a Teams call with!
4. on 07/03/2022, said:
5 stars out of 5
Excellent products and service
5. on 30/03/2021, said:
5 stars out of 5
ITG have been excellent - thank you.
6. on 30/03/2021, said:
5 stars out of 5
Overall an excellent service as usual. All queries were answered quickly and the process was painless!
7. on 22/03/2021, said:
5 stars out of 5
IT Governance were again extremely helpful and supportive with our Cyber Essentials Plus renewal process, even with the new 2020 examination regime. They enabled us to renew the qualification with flying colours.
8. on 11/03/2021, said:
5 stars out of 5
'Great service, very helpful and always quick at responding. Yvette made the process very easy!'
9. on 19/02/2021, said:
5 stars out of 5
I have just completed our Cyber Essentials Plus remote internal test with George Rees and I just wanted to say what an asset George is. He has been very attentive throughout the process, from completing the online questionnaire right through to finally finishing all the testing today. The outcome for us has been a good one but that aside he has made this otherwise complicated process very simple and stress free. Having used your services in the past I was happy to sign up again for renewal and will again. I am very happy with the whole process and would not hesitate to recommend to other IT professionals.
10. on 17/02/2021, said:
5 stars out of 5
The team made the process really easy and their guidance and support helped us achieve the certification in a short amount of time. Highly recommended
Showing comments 1-10 of 16 (Next 10)
Click here to see all reviews
SAVE 25%