Achieve certification and protect your organisation from the majority of the common cyber security threats.
We are here to help you achieve Cyber Essentials Scheme Certification as easily and as painlessly as possible. We have tried to make this page as informative as we can, without overwhelming you with technical jargon. If at any stage you find you have any kind of issue, or don't understand anything, please don't hesitate in reaching out and one of our friendly team will call you back.
The Cyber Essentials scheme is a simple yet effective, UK Government backed framework which is run in association with the National Cyber Security Centre (NCSC).
The scheme is based around just 5 essential security controls that, if implemented correctly, will help to protect your organisation against a range of the most common internet based cyber attacks.
In addition to Cyber Essentials being a mandatory requirement for acceptance onto numerous supplier frameworks, certifying to the Cyber Essentials standard can help to showcase an organisation’s commitment to cyber security this is a useful marketing tool with which to attract potential clients. Achieving certification may also entitle your organisation to free cyber security insurance.
CND has provided Cyber Essentials certification since 2016 and is licenced by the Cyber Essentials Partner to the NCSC to conduct both Cyber Essentials (CE) and Cyber Essentials PLUS (CE PLUS) assessments.
Cyber Essentials - Self Assessment
CE consists of a self-assessed questionnaire (SAQ) designed to assess whether applicants meet the required standard. The SAQ is completed by the applicant organisation and submitted online via an assessment portal. Upon submission, the SAQ responses are independently reviewed by a qualified assessor who will then issue a certificate with a pass or guidance with a fail.
Free cyber insurance is offered to all qualifying organisations that achieve the standard, with the certification being valid for 12 months.
Cyber Essentials PLUS - External Audit
CE PLUS revolves around the same basic controls as CE. The difference between the certifications is that CE PLUS requires a qualified assessor to independently audit the applicant organisation. Achieving the CE PLUS certification results in a higher degree of assurance that the required standards have been met.
CE certification is a prerequisite to achieving CE PLUS, which must then be attained within a 3-month period. CE PLUS certification is valid for 12 months.
Getting Certified couldn't be easier, simply choose one from the following three options and your price will be dependant on your number of staff:
- PayPal easy pay link below.
- Up to three re-tests within 6 months.
- PayPal easy pay link below.
- Up to three re-tests within 30 days.
For our returning clients seeking a renewal, or clients who are experienced with Cyber Essentials, this is our no frills service which offers you a simple pass/fail based upon the answers provided within your SAQ.
If you were to fail, you will be advised as to why and then given 2 working days to remediate the issues, adjust your SAQ and resubmit.
Note: CE certification criteria is regularly updated, so please don't hesitate in requesting the latest question set from us before embarking.
- One Free re-test within 48 Hours.
Cyber Essentials Basic Pricing Table
Number of Staff
Renewal/Pass or Fail
PayPal Easy Pay - Invoice payment available upon request
Cyber Essentials PLUS Process
Cyber Essentials PLUS must be completed within 3 months of passing Cyber Essentials.
The Cyber Essentials PLUS scoping call is primarily used to determine the ‘representative sample’ that will be tested as part of the certification. The call will include a review of your CE SAQ, an informal discussion about your network and an overview of the process that we will undertake. During the discussion we will agree whether a site visit is required; it should be noted that our CE Plus audit can be performed remotely.
Following the scoping call and confirmation of the representative sample, you will be given a quote for the cost of the Cyber Essentials PLUS audit, if you decide to proceed we will ensure all relevant paperwork is in place before dates are confirmed.
CYBER ESSENTIALS PLUS AUDIT
CND Assessors can work with you to undertake the entire Cyber Essentials PLUS audit remotely, though we can attend site should you prefer. If we do need to attend site, we prefer to perform as many remote checks as we can beforehand, as this helps to reduce the likelihood of further visits should we encounter any problems that prevent you from passing.
The CND Assessor will audit your organisation to verify that it meets the CE controls. This is achieved by conducting a series of tests on a representative sample of your 'in scope' systems as well as carrying out external and internal vulnerability assessments.
Once you have passed you will be issued with your report and certificate.