How Do I Pass Cyber Essentials plus Certification?
Before you know the answer to ‘How do I pass Cyber Essentials certification’ you need to know which level of Cyber Essentials certification you will want to achieve. There are two levels of certification. One is Cyber Essentials and another is Cyber Essentials Plus. With the latest changes made by National Cyber Security Centre (NCSC) to Cyber Essentials certification IASME is the only approved accreditation body. As per the changes, to achieve Cyber Essentials Plus certification you will need to pass Cyber Essentials basic level (self-assessment) first. Here is the process involved in applying and passing the Cyber Essentials plus certification.
What’s required to pass Cyber Essentials plus?
Cyber Essentials certification has clearly defined requirements in order to pass the certification. There are 5 different areas of your IT setup that will be in the scope of the assessment. They are Firewalls, Secure configuration, User Access Controls, Patch Management and Malware management. You will need to ensure these 5 topics are covered and no gaps exist. For more information please refer to our blog article ‘Everything You Need to Know About Cyber Essentials’.
Once you decide to achieve the cyber Essentials certification and the level of the certification, you will need to find a certification body to apply for the certification. Your IT department or IT support company will help you with this. You can find the list of Cyber Essentials certification bodies here on the IASME website.
The process for Cyber Essentials certification
For base level Cyber Essentials certification, it’s a self-assessment questionnaire you will need to go through. The certification body will give you access to a portal where you will need to answer the questions about your IT infrastructure. Once you submit the application the system will notify you if you passed or not. If you didn’t pass and there are gaps identified then you will have 3 days to fix the gaps and submit the application without any extra costs. If you do not pass this time too then you will need to make the fresh application and pay for it again. Perhaps, our pre-assessment service will come in handy in this instance.
For Cyber Essentials Plus certification, you will need to pass the base level certification process first then a remote/on-site audit will be performed by the Certification body. If the cyber essentials audit results come back with no gaps then you will be awarded CE Plus certification. If there are gaps identified then you will have 15 days to fix them and go through the assessment again. If you do not pass this time too then you will need to make a fresh application and pay for it again. The biggest challenge we see customers face is 3rd party patch management. If you have the patch management under control then you can expect no surprises in passing the certification. Here is an article where we listed the 'Cyber Essentials Scheme patching requirements'. Perhaps, our pre-assessment & gap analysis service will come in handy in this instance.
Passing Cyber Essentials certification is a fairly straightforward process if your IT infrastructure is properly maintained. If not, you will either need to go through the requirements and update all the relevant areas in the scope or get the certification body to do a pre-assessment. Here is the 'Cyber Essentials checklist' that might come in handy for you. Think about the MOT for a car. Once that’s done, find the certification body and go through the process. Please note that Cyber Essentials certification is an annual thing where you need to go through the re-certification process annually.
- What is Email Phishing and how to detect & prevent phishing emails?
- Cyber Essentials Scheme Patching Requirements
- Quick tips to improve your board’s cybersecurity awareness
- Cyber Essentials Plus Checklist
- What is Cyber Essentials and What has changed in 2020
- Why is Cyber Essentials Important?
- Protecting your Work From Home Workforce
- Risks of staying with Windows 7
- How to implement a SIEM
- Deadline for the Cyber Essentials Voucher
- Congratulations to the Techforce Sponsorship winners
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Is it a good idea to build your own Security Awareness Training platform?
- Invoice fraud email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- 5 things to consider when selecting a Security Awareness Training (SAT) platform
- 2 Years, Marmite and £600,000
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- How to choose a Security Awareness Platform
- How to pick the best Antivirus software for your business
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out an email phishing test?
- How to share passwords safely in your Small Business
- 10 Steps to Cyber Security explained
- 5 Reasons why you should consider having two monitors
- What is Email phishing & why you need security awareness training in your business
- 6 Top Tips to Prevent Cyber Attacks
- How to choose the best IT Service Provider for your business
- How to choose the best Antivirus software for your business
FOR LATEST UPDATES SUBSCRIBE HERE: