Cyber Essentials Plus Internal Retest

SKU: 4837

Authors: ITGP

Format: Consultancy

The internal retest is for organisations that fail their initial Cyber Essentials Plus certification internal assessments.

Cyber Essentials Plus certification requires a test of your organisation’s in-scope internal network, with a focus on workstations and mobile devices. If you fail your initial internal tests, then you need to purchase this retest.

The CREST-accredited Cyber Essentials scheme is now closed to new entrants with effect from 1 April 2020. IT Governance is unable to accept new customers under the replacement scheme until contractual issues have been addressed. As soon as they have, we can process new Cyber Essentials certification applications.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

Price: £1,250.00

ex vat

Description

The prerequisites for testing

This package includes on-site testing at one location, of one type of user account, on up to ten device builds.

The duration and number of locations that must be included in the internal testing depend on the number of builds of user devices (including BYOD) that are within the scope of the certification.

The number of locations to be tested depends on whether all the different builds can be tested in one location. It is permissible to arrange a build to be delivered at a particular site for testing purposes, even if it is not normally deployed there, providing it accesses the Internet in its usual manner.

The number of builds is defined by the number of configurations of operating system and the suite of software installed. Examples of relevant software are listed below.

Oracle Java
Adobe Acrobat
Microsoft Office
Adobe Flash
Mozilla Firefox

Google Chrome
Opera
Microsoft Internet Explorer
Antivirus solution

If more than one browser is used then each variant will be in scope for testing.

Test requirements

All user device builds to be tested, including mobile and BYOD, must be available for testing.
Local user accounts with username and password must be available for each user group in scope.
Internet access from the devices being tested must be able to receive emails from our test domain and be accessible by our test web server (https://ces.itgovernance.co.uk/).
Details of a user email account per user group being assessed must be provided.
Workstation builds must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software, and details of the account to be used.
Remote registry must be enabled on the workstation builds, and no global policies that block the authenticated vulnerability scan are permitted.

Click here for repeat testing and assessment fees.

Conditions

Client site visits outside mainland UK (England, Scotland and Wales), where required, are subject to travel expenses. Expenses will be assessed and charged in arrears.

Read our Cyber Essentials FAQs here.