Cyber Essentials Plus
Cyber Essentials Plus
Cyber Essentials Plus is an expansion upon the “Cyber Essentials Verified Self-Assessment” which includes an audit of the organisations IT systems. All organisations MUST have Cyber Essentials Verified Self-Assessed certification dated within 3 months prior to applying for Cyber Essentials Plus. Please note: Plus packages can include Cyber Essentials Verified Self-Assessment by selecting the bundle option.
Cyber Essentials Plus involves an audit of your system by one of our highly trained assessors. The aim of the assessment is to confirm that all controls that have been declared in Cyber Essentials are implemented on the organisations network. By undertaking and completing Cyber Essentials Plus, you can declare publicly, that your organisation has been proven to meet baseline security standards set out by Cyber Essentials.
The key elements of a Cyber Essentials Plus audit can be summarised as follows:
- An assessor will pick a sample of computers at your organisation and perform an audit to ensure that the devices are configured as per the scheme.
- A vulnerability scan will be performed on these machines to confirm patching and basic configuration is at an acceptable level
- An external port scan of your internet facing IP addresses will be conducted to ensure no clear and obvious misconfigurations or vulnerabilities can be identified.
- A test will be conducted on your default email/internet browser to confirm how well configured they are to prevent execution of fake malicious files.
- Screenshots will be taken as evidence that the system is Cyber Essentials compliant.
Should there be any issues identified that require remediation, there is an extended period of 30 days with this package. Failure to complete remediation in this time will result in a fail.
On successful certification of your organisation you will be provided with a certificate that is valid for 12 months from pass date. Optionally, you may be added to a list of Cyber Essentials certified companies, and you can hence forth advertise your organisations compliance to the Cyber Essentials Scheme.
Cyber Essentials Plus
Cyber Essentials Plus is an addition to Cyber Essentials Verified Self- Assessed
Cyber Essentials Verified Self Assessment is included, to be completed via our online portal Pervade. One of our skilled assessors will then perform a remote audit on your organisation.
Please be aware, on submission of your self-assessment, should any revisions be required these must be remedied and submitted within 2 days. For the plus audit you have 30 days or the application will be marked as a fail. Phone and email assistance are included with this package (up to 48 hour reply).