Cyber Essentials packaged solutions
IT Governance’s fixed-price solutions can help you achieve certification to either Cyber Essentials or Cyber Essentials Plus at a pace and for a budget that suits you.
All Cyber Essentials certifications are managed through our CyberComply online portal. This is a unique online service that enables companies to follow a convenient do-it-yourself approach, including managing and tracking the certification process.
The Cyber Essentials certification process includes a self-assessment questionnaire (SAQ) and an external vulnerability scan. This ensures that best practice is in place and that there are no known vulnerabilities present on the Internet-facing networks and applications.
Cyber Essentials Plus
Cyber Essentials Plus certification includes all of the assessments for the Cyber Essentials certification, and also includes an additional internal scan and an on-site assessment of your infrastructure, specifically focusing on workstations and mobile devices.
*All of our packages include an external vulnerability scan that covers up to 16 IP addresses.
Please view the individual product pages for further details about specific testing requirements and conditions. All of our prices exclude VAT.
Alternatively, email us or call +44 (0) 845 070 1750 for a custom quote.
Which package should you choose?
Do It Yourself (DIY)
Choose this solution if you are comfortable carrying out the Cyber Essentials preparations yourself. With this option, you can submit the self-assessment questionnaire (SAQ) and undertake the assessments once you are ready for certification.
Get A Little Help (GALH)
We recommend this option for organisations that are confident they have the skills to reach Cyber Essentials certification, but need a little guidance to point them in the right direction
Get A Lot Of Help (GALOH)
This option is an all-inclusive package for large organisations with complex organisational structures, or organisations that have no prior experience implementing an information security management system.
Cyber Essentials provides a basic level of cyber security; if you are interested in progressing to a more advanced stage of information security by implementing a holistic information security management system, you can discover more by reading about ISO 27001 and the Cyber Essentials scheme >>
Cyber Essentials package extras
Cyber Essentials Vulnerability Scan Additional IPs
If you have more than 16 IP addresses, you will need to expand your external vulnerability scan to account for them. These are purchased in blocks of 16 IP addresses.
Live Online consultancy is ideal for companies that are uncertain about the requirements of the scheme, which option to choose, or how to define the scope of the certification.
Cyber Essentials Plus Health Check
This bespoke, on-site, one-day service is designed for larger organisations with more complicated networks and scoping needs, and will assess your current environment against the requirements of Cyber Essentials Plus.
This toolkit includes all the necessary work procedures and processes for ensuring that the controls you implement are effective.
Cyber Essentials Gap Analysis Tool
This tool enables you to identify the controls that you need to put in place in order to meet the requirements of the Cyber Essentials scheme, and monitors your progress towards compliance.
Available in multiple formats.
Cyber Essentials – A Pocket Guide
If you are completely new to the Cyber Essentials scheme, we recommend reading Cyber Essentials – A Pocket Guide. The guide is a non-technical explanation of Cyber Essentials, making it easy for anyone to understand the scheme and how to meet its requirements.
Available in multiple formats.
Package contents explained
All companies that meet the requirements of Cyber Essentials or Cyber Essentials Plus will be certified by IT Governance, which is a CREST-accredited Cyber Essentials certification body.
All of our Cyber Essential packages include an external vulnerability scan. This is an additional service that independently verifies the security status of each company that undergoes Cyber Essentials certification through us. Non-CREST-accredited certification bodies may not offer this service.
Cyber Essentials documentation toolkit (Back to table)
The Cyber Essentials documentation toolkit includes all of the necessary customisable policies and procedures to meet the Cyber Essentials requirements. The templates include guidance on correctly implementing and maintaining your cyber security controls.
If you need guidance or just peace of mind on any part of the Cyber Essentials certification process, then our Live Online consultancy is perfect for you. Our team of consultants have helped to certify hundreds of organisations and provide expert advice.
On-site consultancy is conducted by an expert cyber security practitioner. They will provide guidance on completing the self-assessment questionnaire and how to implement the five controls required by the scheme, and will help define the scope for certification.
The on-site assessment is a requirement for all companies wishing to achieve Cyber Essentials Plus. We will visit your office(s) and thoroughly check whether the solutions you have put in place comply with the control requirements.
The internal vulnerability scan is a requirement for all companies wishing to achieve Cyber Essentials Plus. It involves a scan of your in-scope internal network, with a focus on workstations and mobile devices. It aims to find out whether the Cyber Essentials controls have been properly implemented and to check that known vulnerabilities have been addressed.
Other products you might be interested in: