Cyber Essentials Questionnaire Free Download

Indelible Data is an approved Certification Body to assess companies to both Cyber Essentials and Cyber Essentials Plus.

To see a sample of our Cyber Essentials client-base from a wide range of sectors, please click here

To achieve Cyber Essentials (known as Level 1), you must first download a self assessment questionnaire.

Download Self Assessment Questionaire

Then email the completed document to (encryption keys are available). It is recommended that you password protect your responses.

An invoice will be raised upon receipt of the completed questionnaire. Assessments will completed within five working days.

The cost of assessment is £300.00 + VAT

The cost of expedited assessment is £495.00 + VAT

The expedited service is a guaranteed 24-hour assessment for those companies submitting tenders where time may be of the essence. The price includes expedited remedial assessments if required.

If your self assessment does not satisfy the requirements straight away – then don’t worry – we will contact you with action points or areas that require clarification. There will be no further charge if the issues are able to be resolved within a month. We endeavour to keep in close contact with companies / institutions until they have passed.

If you wish to download our Public Key for encryption purposes please click here.

Achieving The Cyber Essentials Plus Badge (Level 2)

To achieve Cyber Essentials Plus (known as Level 2), download the scope and quotation form which will help us to assess the costs involved in performing an on-site vulnerability assessment.

Cyber Essentials Plus Download

Before the on-site assessment takes place, you must first submit the Level 1 self assessment questionnaire.

What is Cyber Essentials?

Cyber Essentials has been developed as part of the UK’s National Cyber Security Programme and aims to encourage businesses of any size to take steps towards achieving a baseline of cyber security.

It is believed that implementing the required controls could shield companies from up to 80% of the common threats from the internet.

Adopting Cyber Essentials is likely to be a major requirement to win business in many sectors in the future – and to demonstrate this, from 1 October 2014, the government required certain suppliers bidding for certain information handling contracts to be Cyber Essentials certified.

The scheme is applicable to all private sector organisations, universities, charities, and public sector organisations. . It is backed by industry including the Federation of Small Businesses, the CBI. A number of insurance companies are starting to offer incentives for organisations that conform to the scheme.

A company can gain 1 of 2 new Cyber Essentials badges: “Cyber Essentials” or “Cyber Essentials Plus”. These badges allows a company to advertise the fact that it adheres to a government endorsed standard.

The Cyber Essentials Badge is achieved after a self-assessment is sent for review, along with supporting evidence, to a Certification Body under the signature of a senior director, stating that all the criteria have been met.

The key areas include secure configuration of firewalls and other devices capable of connecting to the internet, user access control, use of anti-virus software and the need to keep operating systems and programs up to date.

Cyber Essentials Plus requires the company to pass an on-site vulnerability assessment performed by the Certification Body.

Certification at either Cyber Essentials or Cyber Essentials Plus should be seen as a snapshot of the organisation’s ability to mitigate the risks from the given Internet based threats at the time of assessment. It does not indicate how sustainable this will be.

Organisations will need to recertify once a year, or more frequently as necessary to meet specific procurement or customer requirements.

For more information please visit the government’s website.