Please get in touch to ask us any
questions you may have regarding
process, costs or completion of the
We will respond as soon as we can.
If it is an urgent question, please call
01900 818 000 or 07773 080503
Indelible Data are an approved Certification Body to assess to both Cyber Essentials and Cyber Essentials Plus.
To achieve Cyber Essentials (known as Level 1), you must first download a self assessment questionnaire from here:
Then email the completed document to email@example.com (encryption keys are available). It is recommended that you password protect your responses. If you wish to download our Public Key please click here
An invoice will be raised upon receipt of the completed questionnaire. Assessments will generally be carried out within 4-5 working days.
The cost of assessment is £350.00 + VAT
The cost of expedited assessment is £495.00 + VAT
The expedited service is a guaranteed 24 hour assessment for those companies submitting tenders where time may be of the essence. The price includes expedited remedial assessments if required.
If your self assessment does not satisfy the requirements straight away - then don't worry - we will contact you with action points or areas that require clarification. There will be no further charge if the issues are able to be resolved within a month. We endeavour to keep in close contact with companies / institutions until they have passed.
To achieve Cyber Essentials Plus (known as Level 2), download the scope form (below) and email to firstname.lastname@example.org to us to assess the costs involved in performing an on-site vulnerability assessment.
Before the on-site assessment takes place, you must first submit the Level 1 self assessment questionnaire.
Cyber Essentials has been developed as part of the UK’s National Cyber Security Programme and aims to encourage businesses of any size to take steps towards achieving a baseline of cyber security.
It is believed that implementing the required controls could shield companies from up to 80% of the common threats from the internet.
Adopting Cyber Essentials is likely to be a major requirement to win business in many sectors in the future - and to demonstrate this, from 1 October 2014, the government required certain suppliers bidding for certain information handling contracts to be Cyber Essentials certified.
The scheme is applicable to all private sector organisations, universities, charities, and public sector organisations. . It is backed by industry including the Federation of Small Businesses, the CBI. A number of insurance companies are starting to offer incentives for organisations that conform to the scheme.
A company can gain 1 of 2 new Cyber Essentials badges: "Cyber Essentials" or "Cyber Essentials Plus". These badges allows a company to advertise the fact that it adheres to a government endorsed standard.
The Cyber Essentials Badge is achieved after a self assessment is sent for review, along with supporting evidence, to a Certification Body under the signature of a senior director, stating that all the criteria have been met.
The key areas include secure configuration of firewalls and other devices capable of connecting to the internet, user access control, use of anti-virus software and the need to keep operating systems and programs up to date.
Cyber Essentials Plus requires the company to pass an on-site vulnerability assessment performed by the Certification Body.
Certification at either Cyber Essentials or Cyber Essentials Plus should be seen as a snapshot of the organisation’s ability to mitigate the risks from the given Internet based threats at the time of assessment. It does not indicate how sustainable this will be.
Organisations will need to recertify once a year, or more frequently as necessary to meet specific procurement or customer requirements.
For more information please visit the government's website.