Achieve certification and protect your organisation from the majority of the common cyber security threats.
We are here to help you achieve Cyber Essentials Scheme Certification as easily and as painlessly as possible. We have tried to make this page as informative as we can, without overwhelming you with technical jargon. If at any stage you find you have any kind of issue, or don't understand anything, please don't hesitate in reaching out and one of our friendly team will call you back.
The Cyber Essentials scheme is a simple yet effective, UK Government backed framework which is run in association with the National Cyber Security Centre (NCSC).
The scheme is based around just 5 essential security controls that, if implemented correctly, will help to protect your organisation against a range of the most common internet based cyber attacks.
In addition to Cyber Essentials being a mandatory requirement for acceptance onto numerous supplier frameworks, certifying to the Cyber Essentials standard can help to showcase an organisation’s commitment to cyber security this is a useful marketing tool with which to attract potential clients. Achieving certification may also entitle your organisation to free cyber security insurance.
CND has provided Cyber Essentials certification since 2016 and is licenced by the Cyber Essentials Partner to the NCSC to conduct both Cyber Essentials (CE) and Cyber Essentials PLUS (CE PLUS) assessments.
CE consists of a self-assessed questionnaire (SAQ) designed to assess whether applicants meet the required standard. The SAQ is completed by the applicant organisation and submitted online via an assessment portal. Upon submission, the SAQ responses are independently reviewed by a qualified assessor who will then issue a certificate with a pass or guidance with a fail.
Free cyber insurance is offered to all qualifying organisations that achieve the standard, with the certification being valid for 12 months.
CE PLUS revolves around the same basic controls as CE. The difference between the certifications is that CE PLUS requires a qualified assessor to independently audit the applicant organisation. Achieving the CE PLUS certification results in a higher degree of assurance that the required standards have been met.
CE certification is a prerequisite to achieving CE PLUS, which must then be attained within a 3-month period. CE PLUS certification is valid for 12 months.
Getting Certified couldn't be easier, simply choose one from the following three options:
For our returning clients seeking a renewal, or clients who are experienced with Cyber Essentials, this is our no thrills service which offers you a simple pass/fail based upon the answers provided within your SAQ.
If you were to fail, you will be advised as to why and then given 2 working days to remediate the issues, adjust your SAQ and resubmit.
Note: CE certification criteria is regularly updated, so please don't hesitate in requesting the latest question set from us before embarking.
Unless you are an existing client, we request payment prior to marking the SAQ. We offer PayPal for ease and expediency, however, if you prefer traditional invoicing methods please get in touch.
Renewal PayPal link provided upon request.
Cyber Essentials PLUS must be completed within 3 months of passing Cyber Essentials.
The Cyber Essentials PLUS scoping call is primarily used to determine the ‘representative sample’ that will be tested as part of the certification. The call will include a review of your CE SAQ, an informal discussion about your network and an overview of the process that we will undertake. During the discussion we will agree whether a site visit is required; it should be noted that our CE Plus audit can be performed remotely.
Following the scoping call and confirmation of the representative sample, you will be given a quote for the cost of the Cyber Essentials PLUS audit, if you decide to proceed we will ensure all relevant paperwork is in place before dates are confirmed.
CND Assessors can work with you to undertake the entire Cyber Essentials PLUS audit remotely, though we can attend site should you prefer. If we do need to attend site, we prefer to perform as many remote checks as we can beforehand, as this helps to reduce the likelihood of further visits should we encounter any problems that prevent you from passing.
The CND Assessor will audit your organisation to verify that it meets the CE controls. This is achieved by conducting a series of tests on a representative sample of your 'in scope' systems as well as carrying out external and internal vulnerability assessments.
Once you have passed you will be issued with your report and certificate.