Cyber Essentials Questionnaire Download

Achieving Cyber Essentials (Level 1)

Indelible Data are an approved Certification Body to assess to both Cyber Essentials and Cyber Essentials Plus.

To achieve Cyber Essentials (known as Level 1), you must first download a self assessment questionnaire from here:

Then email the completed document to (encryption keys are available).

An invoice will be raised upon receipt of the completed questionnaire. Assessments will generally be carried out within 3-5 working days.

The cost of assessment is £350.00 + VAT

Companies have a better “first time” pass rate if they have been assisted by a QG Accredited Cyber Essentials Practitioner (see list)

We also offer an expedited service (guaranteed 24 hour assessment) for companies submitting tenders and where time is of the essence.

The cost of expedited assessment is £495.00 + VAT and any follow-up assessment will also be expedited free of charge.

If your self assessment does not satisfy the requirements straight away – then don’t worry – we will contact you with action points or areas that require clarification. There will be no further charge if the issues are able to be resolved within a month. We endeavour to keep in close contact with companies / institutions until they have passed.

Achieving The Cyber Essentials Plus Badge (Level 2)

To achieve Cyber Essentials Plus (known as Level 2), download the scope and quotation form which will help us to assess the costs involved in performing an on-site vulnerability assessment.

Before the on-site assessment takes place, you must first submit the Level 1 self assessment questionnaire.

What is Cyber Essentials?

Cyber Essentials has been developed as part of the UK’s National Cyber Security Programme and aims to encourage businesses of any size to take steps towards achieving a baseline of cyber security.

It is believed that implementing the required controls could shield companies from up to 80% of the common threats from the internet.

Adopting Cyber Essentials is likely to be a major requirement to win business in many sectors in the future – and to demonstrate this, from 1 October 2014, the government requires certain suppliers bidding for certain information handling contracts to be Cyber Essentials certified.

The scheme is applicable all private sector organisations, universities, charities, and public sector organisations. . It is backed by industry including the Federation of Small Businesses, the CBI. A number of insurance companies are starting to offer incentives for organisations that conform to the scheme.

A company can gain 1 of 2 new Cyber Essentials badges: “Cyber Essentials” or “Cyber Essentials Plus”. These badges allows a company to advertise the fact that it adheres to a government endorsed standard.

The Cyber Essentials Badge is achieved after a self assessment is sent for review, along with supporting evidence, to a Certification Body under the signature of a senior director, stating that all the criteria have been met.

The key areas include secure configuration of firewalls and other devices capable of connecting to the internet, user access control, use of anti-virus software and the need to keep operating systems and programs up to date.

Cyber Essentials Plus requires the company to pass an on-site vulnerability assessment performed by the Certification Body.