The Cyber Essentials qualification is a certification scheme developed by the UK Government and industry to help protect organisations against common online attacks. It defines a focused set of controls that provide a basic level of cyber security hygiene for organisations of all sizes.

Attaining this certification helps:

Provide a framework to defend your organisation against common cyberattacks

Demonstrate your commitment to safeguarding customer and vendor data 

Qualify for public sector contracts

Assess your current risk profile

Risk Crew is an accredited Cyber Essentials & Cyber Essentials+ certification body, we offer various levels of support to ensure you achieve both certifications and realise the security benefits for which the scheme was designed.

Cyber Essentials Certification

 Cyber Essentials Certification Packages

Whether you choose Cyber Essentials or Cyber Essentials Plus, Risk Crew’s CE experts will provide their expanded expertise to help you gain certification.

Cyber Essentials Certified Badge

Cyber Essentials Basic

Cyber Essentials is the foundational certification. Your organisation will complete a self-assessment questionnaire, and Risk Crew will verify that the questionnaire responses comply with controls such as Firewall Settings, Secure Configuration, Access Control, Malware Protection, and Security Update Management.

This level is ideal for smaller organisations or those starting to improve their cyber security.

Request a quote
Cyber Essentials plus certification - Risk Crew

Cyber Essentials Plus

Cyber Essentials Plus is the advanced version that includes all Cyber Essentials requirements. It goes further with an independent technical assessment and penetration testing. Our Certified Assessor will conduct on-site visits and tests for vulnerabilities, providing a higher level of assurance.

It’s ideal for any size of organisation with sensitive data or elevated cyber security risks.

Request a quote

Risk Crew’s Step-by-Step Process to Get You Certified

Risk Crew can help your organisation achieve certification through one of our bespoke, cost-effective services that best suits your needs.

This service is ideal for organisations with good IT/information security knowledge. Deliverables include:

  • Platform Registration: Risk Crew will register you on the Cyber Essentials certification platform, and you’ll be issued an account and 2FA login credentials.
  • Issue Questionnaire: Upon registration,  the platform will issue your online questionnaire for completion.
  • Questionnaire Assessment: Once submitted, a certified Risk Crew CE Assessor will review your questionnaire within 48 hours and a ‘Pass’ or ‘Fail’ is determined.
  • Issue Correct Notes (If a Fail): Risk Crew will provide correction notes describing the required remediation for each area of non-conformity identified.
  • Free Reassessment: You’ll have 30 days to correct any non-conformities and resubmit to qualify for the free reassessment.
  • Cyber Insurance: Free cyber insurance is available to UK companies with an annual turnover of less than £20m.
  • Cyber Essentials Certification: Upon a ‘Pass’ determination, certification will be awarded. CE certification is valid for 12 months.

Fee:
Starting at £300.00 (prices vary based on organisation size).

This service provides advice and extra support you may need to reach Cyber Essentials certification. Deliverables include:

  • “Dress Rehearsal” Questionnaire Assessment: Prior to the formal questionnaire assessment and submission, the Risk Crew CE Assessor will review your answers to ensure they fully comply with the requirements of the scheme.

  • Remediation Support (If Non-Compliant): If your questionnaire responses fall short, Risk Crew will provide full remediation advice. Unlimited email/telephone/virtual support is available during this phase.

  • Platform Registration: Risk Crew will register you on the Cyber Essentials Certification platform, and you’ll be issued an account and 2FA login credentials.

  • Issue Questionnaire: The platform will issue your online questionnaire for completion.

  • Formal Questionnaire Assessment and Outcome: Our Cyber Essentials Assessor will review your responses, and they will only formally submit your questionnaire if it passes successfully.

  • Cyber Insurance: Free Cyber Insurance is available to UK companies with an annual turnover of less than £20m.

  • Certification: Upon a ‘Pass’ determination, certification will be awarded. CE certification is valid for 12 months.

Fee: £995.00 (prices vary based on organisation size).

*Organisations applying for CE+ must have achieved the basic Cyber Essentials and hold a valid CE certificate dated within the last 3 months.

This service provides advice and extra support you may need to reach certification. Deliverables include:

  • External Vulnerability Scanning: Risk Crew will conduct vulnerability scanning of all external IPs.
  • On-site/remote Audits and Assessments: We will proceed to conduct a remote or an on-site assessment to verify compliance with your questionnaire responses in areas of malware protection and security update management of End User Devices including mobile devices.
  • Provide Remediation Support If There Is a Fail: Where we observe any areas of non-compliance or the scanning detects High/Critical vulnerabilities, Risk Crew will provide results with remediation advice. Unlimited email/telephone/virtual support is available during this phase. Our goal is to get you ready for the reassessment within the next 24 hours.
  • Free Reassessment: If we are not able to support your remediation to a level that warrants a reassessment within the next 24 hours, you’ll have 30 days to correct the non-conformities and/or vulnerabilities to qualify for the free retest. Unlimited email/telephone/virtual support is still available during this phase.
  • Cyber Insurance: Free cyber insurance is available to UK companies with an annual turnover of less than £20m.
  • Cyber Essentials Certification: Upon a ‘Pass’ determination, certification will be awarded. CE Plus certification is valid for 12 months.

We Don’t Sell Products, We Sell Results.

✓ Competitive and Transparent Pricing

Our service comes with fixed pricing with no unexpected added costs. Additionally, we offer a managed service to conduct penetration testing on a continual basis.

✓ Flexible Delivery

This service can be delivered on-site or remotely using cutting-edge technology to maintain the security of our communications. Whichever method you opt for, quality service and hands-on expertise  are provided.

✓ Experienced Practitioners

Risk Crew has over 20 years of practical knowledge and we follow best practices including ISO 27001, PCI, Data Protection Act 2018 and the GDPR.

✓ 100% Satisfaction Guarantee

We think deeply, question assumptions, detect cause and effect and deliver measurable results. No one else does that. Our deliverables produce metrics you can use to monitor and manage real-world cyber risks.

LAURA WELFORD

QUALITY MANAGER

“We have worked with Risk Crew for a number of years on our Cyber Essentials Plus certification. They have provided exceptional support, advice and guidance throughout the process and have always gone the extra mile to ensure we understand the requirements and how to evidence them. We feel that Risk Crew would provide a great service to companies both new to Cyber Essentials and those seeking to recertificate, and hope to continue working with them for many years to come!”

Speak With a Consultant Today

Attain your Cyber Essential Certification with ease and gain customer or vendor confidence.

Access More Cyber Essentials Resources

add_task

Cyber Security: How to Protect Your Business

In this blog post, we will look at how some major shifts will impact the three pillars of cyber security: People, Process, and Technology.

download

Tips to Achieving Cyber Essentials Plus

On this webinar, our CE experts discuss the benefits of achieving Cyber Essentials+ and provide 5 tips on how to attain certification.

auto_stories

Cyber Essentials: The Changes

In this blog post, we discuss some of the 2020 changes with Cyber Essentials and how your organisation can benefit from them.

Frequently Asked Questions

If there are any questions you have that we haven’t answered below, explore our recent blog post Cyber Essentials Plus – Your Burning Questions Answered.

What are the Steps to Achieving Cyber Essentials Plus?

If you are considering a Cyber Essentials certification, you should follow these steps. First, appoint an IASME Cyber Essentials certification body, who you will work closely with you to prepare for and gain the certification. The most important step is preparation for the following assessments:

External vulnerability scan (all external-facing IPs)
Internal vulnerability scan (a sample of devices)
Questionnaire audit
Malware check (AV, Email)
Mobile device check

Once you have prepared, you’ll have three months to submit your application for the CE+ certification. If you have met the requirements, you’ll be rewarded with the badge. For more detailed steps on achieving Cyber Essentials, read our recent blog post.

Can Cyber Essentials Plus be Achieved Remotely?

Due to Covid-19, many organisations have moved operations and staff online. The good news is that you can gain the Cyber Essentials Plus certification remotely. assessment scope remains the same as in-person assessments. For more information, read our blog post – Can I get Cyber Essentials Plus Certification Remotely?

What Should You Do Once Cyber Essentials Plus has Been Achieved?

While the Cyber Essentials certification is a highly-recognised achievement within itself, it doesn’t cover all areas of cyber security, such as social engineering. To ensure you are protecting your organisation against all security threats, you should consider undertaking other certifications, such as ISO 27001, which certifies your business in information security management. To find out more, read our recent blog post about what to do after achieving Cyber Essentials Plus.

How Much Does Cyber Essentials Cost?

The basic Cyber Essentials certification starts at £300, but this may increase depending on the size of your organisation. If your organisation needs extra support, the Cyber Essentials Supported certification the cost starts at £995. Each Cyber Essentials certification is valid for 12 months.