Skip to Main Content
0
United Kingdom
Select regional store:
Prepare for the storms and navigate to cyber safety with IT Governance. Find out how
Cyber Security > Cyber Essentials and Cyber Essentials Plus Certification
Cyber Essentials and Cyber Essentials Plus Certification

Cyber Essentials and Cyber Essentials Plus Certification

SKU: 5567
Format: Certification (online purchases only)
(8 reviews)

This service will help you achieve IASME-licensed Cyber Essentials and Cyber Essentials Plus certification. It includes:

  • Your Cyber Essentials and Cyber Essentials Plus certificates upon successful completion of all elements;
  • Cyber Essentials certification includes our Precheck Service of your responses to the SAQ (self-assessment questionnaire) by one of our security experts before submission to determine whether you are likely to pass on that basis;
  • Free cyber insurance and support; and
  • A certification guarantee*.
  • Cyber Essentials Plus certification includes an on-site or remote assessment and internal vulnerability; and external vulnerability scan.

This package auto-renews in line with our terms and conditions.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

From£1,950.00
ex. VAT

You may also be interested in

Cyber Essentials Toolkit
Cyber Essentials Toolkit
Cyber Essentials Plus Health Check (Level 2)
Cyber Essentials Plus Health Check
Cyber Essentials Plus - Get A Little Help
Cyber Essentials Plus - Get A Little Help
Phishing Staff Awareness Course
Phishing Staff Awareness Training Programme
Description

Cyber Essentials and Cyber Essentials Plus Certification

This service includes both Cyber Essentials and Cyber Essentials Plus certifications. If you already have a recently acquired Cyber Essentials Certification you may be able to purchase our Cyber Essentials Plus Certification.

This service is for organisations that have a high degree of knowledge of all five security controls and are comfortable carrying out all the preparations for certification themselves.

What’s included?

  • A £300 charge for IASME Cyber Essentials certification;
  • A precheck of your Cyber Essentials questionnaire answers before your first submission to determine whether you are likely to pass on that basis;
  • Access to the IASME portal, where you will submit your self-assessment;
  • An on-site assessment, internal vulnerability scans and external vulnerability scans;
  • Free cyber insurance available to UK companies with a turnover of less than £20 million;
  • Your Cyber Essentials and Cyber Essentials Plus certificates; and
  • A certification guarantee*.

*Certification guarantee

Please note: Our certification guarantee is based on your organisation implementing all the required controls and providing us with your application to check before your first submission. It is limited to your Cyber Essentials application only. Full details can be found in our FAQs

How the certification process works:

  • We send you access details for the IASME Cyber Essentials portal via email.
  • You log on to the IASME portal, where you will define your scope for testing and complete the IASME SAQ (self-assessment questionnaire) using your knowledge of the scheme.
  • We review your assessment before your first submission and inform you whether you are likely to meet the criteria needed to achieve certification.
  • You update the SAQ based on our feedback, confirm, and submit your application on the IASME portal.
  • Subject to a positive outcome, we issue your Cyber Essentials certificate.
  • Once you are Cyber Essentials certified, you schedule your on-site assessment, which will include the internal vulnerability scan.
  • We conduct the internal assessment and perform the necessary internal scan on a sample of your Internet-facing devices. We provide the results of the internal assessment and scan. If there are nonconformities, we will also provide feedback to help you understand how to close these gaps and achieve certification.
  • We schedule your external vulnerability scan.
  • Subject to a positive outcome, you receive your Cyber Essentials Plus certificate and report.

Is this service right for you?

  • You are confident in defining the scope of your assessment encompassing the entire organisation;
  • You own and operate your entire scope of IT infrastructure;
  • You are familiar with the five key controls covered in the Cyber Essentials questionnaire and how to meet them; or
  • You have previously certified and are looking to renew and your scope has not changed.

Upgrade to Cyber Essentials Plus - Get a Little Help

Do you need help defining your scope or are you unclear about any of the five Cyber Essentials control areas? If so, we recommend that you purchase our Cyber Essentials Plus – Get A Little Help package, as this includes 2 hours of remote consultancy support.

We will then be able to help you through the application process. Alternatively, you can buy our Cyber Essentials Remote Support alongside Cyber Essentials Plus Certification.

Learn more about Cyber Essentials - Get a Little Help

Benefits

Benefits of Cyber Essentials Plus certification

Work with the UK government & MoD

Cyber Essentials Plus will allow you to work with the UK government and MoD.

Reduce cyber insurance premiums

Cyber insurance agencies look more favourably on organisations that have achieved Cyber Essentials certification.

Secure the supply chain

The ICO (Information Commissioner’s Office), recommends Cyber Essentials as “A good starting point” for the cyber security of the IT you rely on to hold and process personal data.

Secure more business

Cyber Essentials certification is required to bid for central government contracts that involve handling sensitive and personal information or the provision of certain technical products and services.

Conditions

Conditions

Cyber Essentials Plus involves a technical audit of the systems that are in scope for Cyber Essentials. This includes a representative set of workstations, mobile devices and build types used by the organisation’s end users to complete their day-to-day duties. The number of builds is defined by the number of configurations of operating systems and software suites installed. If more than one browser or Office suite is used, each variant will need to be tested. If they are installed on the same build, this is acceptable.

  • This package includes on-site testing at one location, of one type of user account, on up to ten sample devices. Additional workstations, mobile devices and build types may need to be tested to meet the sampling requirements of the scheme. If you require more than ten end-user workstations to be tested, you will need to purchase Cyber Essentials Plus Additional Device Testing. This testing can be conducted remotely in some instances.
  • The package includes a free vulnerability scan for up to 16 IP addresses. If you have more than 16 IP addresses, you will need to purchase additional IP packages in packs of 16. If you fail your external scan, a rescan will need to be purchased, plus any additional IP packages that you need to cover only the failing IP addresses if completed with 14 days of the first passing element.
  • If your business is located outside mainland UK, additional expenses will be charged to accommodate our consultant’s travel time and costs for the on-site assessment. These will be billed separately.
  • If you are not successful on your first submission for Cyber Essentials, you have two working days to submit a further attempt for certification. If you are not successful on your second submission, you will be required to wait one month before reattempting at the cost of a new application.
  • If your Cyber Essentials Plus application is unsuccessful, your Cyber Essentials certification may be revoked.
  • Free cyber insurance is available to UK organisations with a turnover of less than £20 million. Includes 24-hour helpline to report a cyber incident. Total liability limit of £25,000.

Pre-test requirements

  • All user devices are subject to testing and will be agreed upon before the testing date, including mobile and BYOD (bring your own device), and must be available for testing.
  • All devices within the scope of testing must be user devices and cannot be built specifically for testing.
  • A local user account with username and password must be available for each user group in scope.
  • Devices must have Internet access, allow emails from our test domain and be accessible by our test web server (https://ces.itgovernance.co.uk).
  • You must provide details of a user email account per user group being assessed.
  • Workstation builds must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software. You must provide details of the user account to be used.
  • Remote registry must be enabled on the workstation builds, and no global policies that block the authenticated vulnerability scan are permitted.

Customer Reviews

(5.00)stars out of 5
# of Ratings: 8
(Only registered customers can rate)
1. on 18/12/2020, said:
5 stars out of 5
In depth and straightforward at the same time. The service and support was excellent and so proactive. Keep up the good work!
2. on 09/12/2020, said:
5 stars out of 5
Thank you so much for all your help, support and advice. Really do appreciate it. Thanks again to everyone – and we’ll speak this time next year, if not before!
3. on 24/11/2020, said:
5 stars out of 5
From ease of ordering the audit to continual communication throughout the process. What can be a challenging audit was made to run smoothly through out. All was managed remotely including Audit and testing.
4. on 12/10/2020, said:
5 stars out of 5
Really great support, and we got certified really quickly!
5. on 27/08/2020, said:
5 stars out of 5
The team made the process so easier and their guidance and support helped us achieve the certification in a short amount of time. Highly recommended
6. on 13/07/2016, said:
5 stars out of 5
ICONICS required Cyber Essentials Plus as it was a requirement for the work we do with UK Government departments. It provides validation that the security measures that we have put in place to look after our customer’s data is effective and robust. The process of certification through IT Governance was straight-forward with really helpful contacts right from initial consultation with Zak Rush through to the final certification. The process was completed quickly and very cost effectively and we had great help from Alex Drabek, our on-site auditor. The CyberComply website makes filling in and tracking the process simple. Milesh Patel, Director of Solutions, ICONICS
Showing comments 1-6 of 6
This website uses cookies. View our cookie policy
WIN £100
Loading...