Cyber Essentials and Cyber Essentials Plus

Cyber Essentials & Cyber Essentials Plus

Cost-effective, essential cyber security for organisations of all sizes

Request a Quote        FREE CE+ Webinar On-demand

Cyber Essentials Certification

Cyber Essentials is a certification scheme developed by the UK Government and industry to help protect organisations against common online attacks. Certification is mandatory for many UK Government contracts and is becoming increasingly desirable for private sector contracts.

It defines a focused set of controls that provide a basic level of cyber security hygiene for organisations of all sizes. It offers an independently certified mechanism for organisations to demonstrate to their customers, internal stakeholders, investors, insurers and others that they have taken these essential precautions.

Risk Crew is an accredited CE & CE+ certification body, we offer various levels of support to ensure you achieve both certifications and realise the security benefits for which the scheme was designed. Learn the difference between Cyber Essentials and Cyber Essentials Plus below.

If you choose our supported routes to certification, we are on hand (virtually or on-site) to provide guidance and remedial advice throughout the whole process.

Whether you choose Cyber Essentials or Cyber Essentials Plus, Risk Crew’s CE experts will provide their expanded expertise to help you gain certification.

Cyber Essentials – Features and Components

Risk Crew can help your organisation achieve certification through one of our bespoke, cost-effective services that best suits your needs.

Cyber Essentials Certification

This service is ideal for organisations with good IT/information security knowledge. Deliverables include:

  • Platform registration
    Risk Crew will register you on the CE certification platform, you’ll be issued an account and 2FA login credentials.
  • Issue questionnaire
    The platform will issue your online questionnaire for completion.
  • Questionnaire assessment
    Once submitted, a certified Risk Crew CE assessor will review your questionnaire within 48 hours and a ‘Pass’ or ‘Fail’ is determined.
  • Issue correction notes (if a fail)
    Risk Crew will provide correction notes describing the required remediation for each area of non-conformity identified.
  • Free reassessment
    You’ll have 30 days to correct any non-conformities and resubmit to qualify for the free reassessment.
  • Cyber insurance
    Free cyber insurance is available to UK companies with an annual turnover of less than £20m.
  • Certification
    Upon a ‘Pass’ determination, certification will be awarded. CE certification is valid for 12 months.

Fees:
£300.00

Cyber Essentials Supported Certification

This service provides advice and extra support you may need to reach certification. Deliverables include:

  • ‘Dress rehearsal’ questionnaire assessment
    Prior to the formal questionnaire assessment and submission, the Risk Crew CE assessor will review your answers to ensure they fully comply with the requirements of the scheme.
  • Remediation support (if non-compliant)
    If your questionnaire responses fall short, Risk Crew will provide full remediation advice. Unlimited email/telephone/virtual support is available during this phase.
  • Platform registration
    Risk Crew will register you on the CE certification platform, you’ll be issued an account and 2FA login credentials.
  • Issue questionnaire
    The platform will issue your online questionnaire for completion.
  • Formal questionnaire assessment and outcome
    A CE assessor will review your final responses and will not formally submit your questionnaire until it will successfully pass.
  • Cyber insurance
    Free cyber insurance is available to UK companies with an annual turnover of less than £20m.
  • Certification
    Upon a ‘Pass’ determination, certification will be awarded. CE certification is valid for 12 months.

Fees:
£650.00

Cyber Essentials PLUS Supported Certification*

*Organisations applying for CE+ must have achieved the basic Cyber Essentials and hold a valid CE certificate dated within the last 3 months.

This service provides advice and extra support you may need to reach certification. Deliverables include:

  • External vulnerability scanning
    Risk Crew will conduct vulnerability scanning of all external IPs.
  • On-site/remote audit and assessments
    Risk Crew will conduct a remote or an on-site assessment to verify compliance with your questionnaire responses in areas of malware protection and patch management of End User Devices to include mobile devices.
  • Provide remediation support if there is a FAIL
    Where we observe any areas of non-compliance or the scanning detects High/Critical vulnerabilities, Risk Crew will provide results with remediation advice. Unlimited email/telephone/virtual support is available during this phase. Our goal is to get you ready for the reassessment within the next 24 hours.
  • Free reassessment
    If we are not able to support your remediation to a level that warrants a reassessment within the next 24 hours, you’ll have 30 days to correct the non-conformities and/or vulnerabilities to qualify for the free retest. Unlimited email/telephone/virtual support is still available during this phase.
  • Cyber insurance
    Free cyber insurance is available to UK companies with an annual turnover of less than £20m.
  • Certification
    Upon a ‘Pass’ determination, certification will be awarded. CE Plus certification is valid for 12 months.

Get a Quote

What’s the difference between the two certifications?

 

Organisations self-assess their systems, policies and security controls by completing an online self-assessment questionnaire (SAQ). Risk Crew will then verify that your questionnaire responses comply with Cyber Essentials requirements. The SAQ spans five key security areas:

   1. Boundary firewalls and internet gateways

   2. Secure configuration

   3. Access control

   4. Malware protection

   5. Patch management

Cyber Essentials Plus has the Cyber Essentials trademark simplicity of approach, and the protection areas you need to put in place are the same. However, in order to achieve Cyber Essentials Plus certification Risk Crew needs to conduct an on-site verification of your CE questionnaire responses and a technical assessment of the security integrity of your IT infrastructure.

Cyber Essentials Benefits

Cyber Essentials helps guard against the most common cyber threats and demonstrates your organisation’s commitment to cyber security.

Achieving certification to the scheme will provide the following benefits:

✓ Protect against common cyber attacks

✓ Show commitment to protect customer data standard

✓ Reduce the risk/likelihood of a breach

✓ Meet the required for public sector contracts

✓ Get an understanding of your risk level

✓ Provide customer & vender assurance

Why Choose Risk Crew

All our Cyber Essentials certification services are delivered by seasoned Practitioners, Auditors and Security Testing Engineers who also possess a host of industry-recognised information security governance, risk and compliance certifications.

When you choose Risk Crew, you’re electing to work with qualified experts.

Demonstrate that Your Organisation is Taking Essential Cyber Security Measures.

Request a Quote to Get Started Today

Our CE experts will contact you to discuss your specific requirements



    Penetration Testing Services of Interest:

    Cyber Essentials CertificationCyber Essentials Supported CertificationCyber Essentials PLUS CertificationCyber Essentials PLUS Supported Certification

    View our privacy notice here.