Account
Basket
USA
Select regional store:
Please enter more than 3 characters
Save 25% on instructor-led and self-paced foundation training. Book now!
Cybersecurity Solutions

Cyber Essentials Certification | Overview & Process

What is the Cyber Essentials scheme?

Cyber Essentials is a UK government's Cyber Essentials scheme. It is based on the government’s "10 Steps to Cyber Security" program
and administered by the NCSC (National Cyber Security Centre).

The Cyber Essentials scheme has two objectives:

  • To set out 5 basic cybersecurity controls that can protect organisations from “around 80% of common internet cyber attacks”; and
  • To provide a simple and affordable certification process for organisations to demonstrate that they have implemented essential cyber security measures.

There are 2 levels of Cyber Essentials certification:

  • Cyber Essentials
  • Cyber Essentials Plus

IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme, but from 1 April 2020 will be accredited by IASME, in line with changes to the Cyber Essentials scheme implemented by the NCSC. You can learn more about these changes below. Get certification quickly and easily with our fixed-price packages.

Simple and proactive security wins

The UK government's Cyber Essentials scheme provides:

  • The five controls you should implement to achieve a baseline of cybersecurity
  • An assurance framework to reassure your clients and help you win more contracts
  • The ability to advertise your cybersecurity credentials on the directory of organizations awarded Cyber Essentials certification.

IT Governance is a CREST-accredited certification body for the Cyber Essentials scheme. With our Cyber Essentials online portal, achieving certification couldn’t be easier. Here’s how it works.

 

Cyber Essentials Portal

Cyber Essentials Certification

Cyber Essentials

A self-assessment option that demonstrates you have essential controls in place to help protect against a wide variety of the most common cyber attacks. The certification process has been designed to be lightweight and easy to follow. It includes an SAQ (self-assessment questionnaire) and an external vulnerability scan.

Buy now

Cyber Essentials Plus Certification

Cyber Essentials Plus

A self-assessment option that demonstrates you have essential controls in place to help protect against a wide variety of the most common cyber attacks. It includes an SAQ (self-assessment questionnaire), an external vulnerability scan, an additional internal scan and an on-site assessment.

Buy now

Three steps to Cyber Essentials certification

1. Complete your SAQ

Log in to our online portal, which provides a secure, user-friendly system to help define the scope of your assessment to complete your SAQ.

The portal will automatically mark your responses and provide you with an interim result.

Cyber Essentials Certification Portal

2. Schedule your scans

Because we are a CREST-accredited certification body, you’ll get the added benefit of an external vulnerability scan to verify that your controls are operating effectively.

For Cyber Essentials Plus, you’ll need to arrange an additional internal scan and an on-site assessment.

Cyber Essentials Certification Portal

3. Receive your certificate

IT Governance assessors will review your submission and compile a report, which is checked by our quality assessor.

If all activities result in a pass, we'll issue a certificate for your organization.

If you do not pass your initial assessment, you will have to be reassessed.

Cyber Essentials Certification Certificate

Cyber Essentials certification cost

With IT Governance, you can complete the entire certification process quickly and easily using our online portal for as little as $390.

Get Cyber Essentials Certified

Not ready to be certified?

Follow the links below to find out more about the five essential controls and the activities you should be routinely undertaking to protect your organization.

Secure configuration

Boundary firewalls and Internet gateways

Access control

Malware protection

Patch management

This website uses cookies. View our cookie policy
Save on
Training