Indelible Data is an approved Certification Body to assess to both Cyber Essentials and Cyber Essentials Plus.
Cyber Essentials Certification at Level 1 costs £300+VAT.
In order to apply for assessment, you must answer the Cyber Essentials questions on our portal
Please pay in our shop to receive a login to the portal where you can submit your responses.
Assessments will generally be carried out within 3-5 working days. If you don’t pass, you have up to 10 working days to address the issues and resubmit at no extra cost.
Some clients prefer to compile answers on a spreadsheet before submitting. You can get the Cyber Essentials questionnaire in spreadsheet format from our downloads page here but this document cannot be imported/uploaded to the portal. The questions must be answered again on the portal.
We highly recommend reading our Guide to passing Cyber Essentials first time page which takes takes you through the whole journey, including how to scope, the level of detail required in each of the responses, and common issues assessors find when marking assessments.
We do also offer a 24hr pre-assessment check service costing £495+VAT. You can pay in our shop for this service which includes:
- Assessing the responses and giving feedback identifying points of failure to be addressed before submission to the portal.
- Inputting the spreadsheet responses to the portal on your behalf.
- Issuing a certificate within 24hrs of submission to the portal
Companies have a better “first time” pass rate if they have been assisted by a QG ACE Practitioner (see list)
We endeavour to keep in close contact with companies / institutions until they have passed.
Achieving Cyber Essentials Plus (Level 2)
To achieve Cyber Essentials Plus (known as Level 2), download the scope and quotation form which will help us to assess the costs involved in performing an on-site vulnerability assessment.
Before the assessment takes place, you must submit responses on the Cyber Essentials portal to achieve Level 1 (or have achieved Level 1 no more than three months before achieving Plus). A login would be sent to you as part of the Cyber Essentials Plus process and the cost of assessment and Certification at Level 1 would be included with Cyber Essentials Plus.
What is Cyber Essentials?
Cyber Essentials has been developed as part of the UK’s National Cyber Security Programme and aims to encourage businesses of any size to take steps towards achieving a baseline of cyber security.
It is believed that implementing the required controls could shield companies from up to 80% of the common threats from the internet.
Adopting Cyber Essentials has become a major requirement to win business in many sectors. For example, the government requires certain suppliers bidding for some contracts to be Cyber Essentials certified.
The scheme is applicable all private sector organisations, universities, charities, and public sector organisations. It is backed by industry including the Federation of Small Businesses, the CBI.
A company can gain the relevant Cyber Essentials badges: “Cyber Essentials” and “Cyber Essentials Plus”. These badges allow a company to advertise the fact that it adheres to a government endorsed standard.
The Cyber Essentials Badge is achieved after a self assessment is sent for review to a Certification Body with the approval of a senior director, stating that all the criteria has been met.
The key areas include secure configuration of firewalls and other devices capable of connecting to the internet, user access control, use of anti-virus software and the need to keep operating systems and programs up to date.
Cyber Essentials Plus requires the company to pass an onsite or remote vulnerability assessment performed by the Certification Body.