Cyber Essentials Plus accreditation/certification explained
When the UK government introduced the Cyber Essentials Scheme in 2014 they announced two levels of Certifications businesses can go through. First, one being the Cyber Essentials (CE) and the Second one is Cyber Essentials Plus (CE Plus) with the latter being more advanced. Cyber Essentials is a self-assessment certification where you would fill in a self-assessment questionnaire and an assessor from the certification body assesses the questionnaire and marks it a pass or fail.
On the other hand, Cyber Essentials Plus includes self-assessment as well as a systems assessment. Check out our blog article on ‘What is the process for Cyber Essentials plus certification?’ The following technical security controls will be tested
- Secure configuration
- User Access Controls
- Patch Management
- Malware Protection
As part of the systems assessment, the assessor will run an internal & external Vulnerability assessment, Email attachment test, browser download test, and user access control test. Check out our blog article on ‘What exactly is included in Cyber Essentials Plus audit?’ for more information.
Cyber Essentials Plus certification will cost you around £1,900 + VAT for certification only. It includes the self-assessment questionnaire as well as the systems assessment. There are no extra charges. However, if you are seeking assistance from a consultant/company to help you prepare for the certification or conduct a pre-assessment then it will cost you more.
A common misconception about the certification is that a Penetration test needs to be done. A penetration testing is not necessary for the CE plus certification. It is the vulnerability assessment that is performed on your systems. If you fail the assessment you will have 30 days to fix the issues and re-submit the application without any additional charges. If you are not sure you can sign up for our ‘Cyber Essentials Plus extra’ which includes the pre-assessment and gap analysis so that you know where the gaps are and fix them before submitting the application.
Get certified today
Step 1: Organisation Size
Step 2: Pick Cyber Essentials Package
Cyber Essentials Basic - CEB001
£300 + VAT
2 Days for Remediation
1 Day Turnaround
Guided Cyber Essentials - CEB002
£500 + VAT
Everything in CEB001 plus
Cyber Essentials Plus - CEP001
£1500 + VAT
Everything in CEB002 Plus
30 Day Remediation
Systems Audit (remote)
Guided CE Plus - CEP002
£2500 + VAT
Everything in CEP001 plus
Pre- systems Audit
Gap Analysis report
The most common challenge the companies come across in this process is not having up to date 3rd party applications and local admin accounts for SMBs. Check out our blog article on ‘Cyber Essentials Plus certification patching requirements’ to find out the exact requirements.
Your organisation will achieve both levels of Cyber Essentials scheme when you pass the CE Plus. Then it is an annual re-certification process. The process is the same every year but hopefully easier the second time. You can also sign up for our quarterly assessment to make sure you are on the right track and avoid surprises at the re-certification time.
Hope that has helped you. Try our quick Cyber Essentials checklist below to find out if you will pass. It will give you instant results.
Do check out our other cybersecurity case studies:
- Maersk Ransomware Attack
- British Airways Data Breach Fine by ICO of £183.4million
- Colleges and Universities in the UK targeted by cyber-attacks during the pandemic
- Microsoft Servers Hit by Cyberattack 2021
- Peterson Control Union Email Phishing & Security Awareness training
Also check out our blogs on Cyber Essentials & Cyber Essentials Plus certification:
- Cyber Essentials Cost
- Cyber Essentials Lead time
- Cyber Essentials checklist
- Cyber Essentials Frequently Asked Questions
- CE Plus process
TechForce Cyber Talks Cyber Security to the Portlethen Academy Students
TechForce's Arbrar visits Portlethen Academy to educate the students on Cyber Security wellness and provide hints and tips for ensuring they are cyber safe.More
5 Reasons to get Cyber Essentials and Plus for your Business
There have been a few changes made to the framework in the year 2022 and 2023. The changes in 2022 were major and 2023 were not so much.More
What Exactly Happens During the Cyber Essentials Plus Technical Audit?
This is one of the most frequently asked questions, what exactly happens during the Cyber Essentials Plus audit or sometimes we get asked ‘what is the exact process for Cyber Essentials Plus...More
Cyber Essentials for Remote Businesses
Cyber essentials refer to the fundamental technical controls and practices that businesses need to have in place to protect their digital systems and data from cyber threats.More
FOR LATEST UPDATES SUBSCRIBE HERE: