Cyber Essentials Plus accreditation/certification explained

When the UK government introduced the Cyber Essentials Scheme in 2014 they announced two levels of Certifications businesses can go through. First one being the Cyber Essentials (CE) and Second one is Cyber Essentials Plus (CE Plus) with the later being more advanced. Cyber Essentials is a self-assessment certification where you would fill in a self-assessment questionnaire and an assessor from the certification body assesses the questionnaire and marks it a pass or fail.

On the other hand, Cyber Essentials Plus includes the self-assessment as well as a systems assessment. Check out our blog article on ‘What is the process for Cyber Essentials plus certification?’ The following technical security controls will be tested

  1. Firewalls
  2. Secure configuration
  3. User Access Controls
  4. Patch Management
  5. Malware Protection


DOWNLOAD CYBER ESSENTIALS QUESTIONNAIRE FOR FREE


As part of the systems assessment the assessor will run an internal & external Vulnerability assessment, Email attachment test, browser download test and user access controls test. Check out our blog article on ‘What exactly is included in Cyber Essentials Plus audit?’ for more information.

Cyber Essentials Plus certification will cost you around £1,900 + VAT for certification only. It includes the self-assessment questionnaire as well as the systems assessment. There are no extra charges. However, if you are seeking assistance from a consultant/company to help you prepare for the certification or conduct a pre-assessment then it will cost you more.

A common misconception about the certification is that a Penetration test needs to be done. A penetration testing is not necessary for the CE plus certification. It is the vulnerability assessment that is performed on your systems. If you fail the assessment you will have 30 days to fix the issues and re-submit the application without any additional charges. If you are not sure you can sign up for our ‘Cyber Essentials Plus extra’ which includes the pre-assessment and gap analysis so that you know where the gaps are and fix them before submitting the application.

DOWNLOAD CYBER ESSENTIALS CHECKLIST PDF FOR FREE

Get certified today

  • Cyber Essentials Basic - CEB001

    £299

    Self-Assessment

    2 Days for Remediation

    1 Day Turnaround

    £25k Cyber Insurance*

    *Insurance details are on IASME website

  • Guided Cyber Essentials - CEB002

    £499

    Everything in CEB001 plus

    Pre-assessment

    Online/Phone Support

    *Insurance details are on IASME website

  • Cyber Essentials Plus - CEP001

    £1,899

    Everything in CEB002 Plus

    30 Day Remediation

    Systems Audit (remote)

    *Insurance details are on IASME website

  • Guided CE Plus - CEP002

    £2,999

    Everything in CEP001 plus

    Pre- systems Audit

    Gap Analysis report

    -

    MOST POPULAR

    *Insurance details are on IASME website

The most common challenge the companies come across in this process is not having up to date 3rd party applications and local admin accounts for SMBs. Check out our blog article on ‘Cyber Essentials Plus certification patching requirements’ to find out the exact requirements.

Your organisation will achieve both levels of Cyber Essentials scheme when you pass the CE Plus. Then it is an annual re-certification process. The process is the same every year but hopefully easier the second time. You can also sign up for our quarterly assessment to make sure you are on the right track and avoid surprises at the re-certification time.

Hope that has helped you. Try our quick Cyber Essentials checklist below to find out if you will pass. It will give you instant results.


Related Articles

FOR LATEST UPDATES SUBSCRIBE HERE:

Back to startx