Description
Why become Cyber Essentials Plus certified?
Cyber Essentials Plus is an expansion upon Cyber Essentials. An organisation must have Cyber Essentials verified self-assessed certification prior to applying for Cyber Essentials Plus, Our Cyber Essentials has the basic certificate included so there is no more to pay.
Cyber Essentials Plus involves an audit of your system by one of our trained assessors. The aim of the assessment is to confirm that all controls that have been declared to be in use in Cyber Essentials are in use and accurate. By undertaking and completing Cyber Essentials Plus, you can declare publicly to your supply chain that your organisation meets baseline security standards – enabling you to interact with clients, business partners and staff confidently and securely.
How To Apply
- Ensure that you have completed Cyber Essentials verified self-assessed prior to purchasing Cyber Essentials Plus. If not. pick the No option.
- Add “Cyber Essentials Plus” to your cart and complete purchase (We can’t start the process until the order is paid in full)
- We will contact you within 24 Working hours to discuss the certification and answer any questions you may have
- You will be able to download a copy of the Self-assessment Preperation Booklet so you can get started straight away.
- if you added the self assessment we will create an account for you on portal.iasme.co.uk Within 12 working hours (weekdays). This is the online portal that you will submit your final answers to for assessment.
- Once submitted, your assessor will mark your answers against the scheme criteria via the online portal and produce a summary report of their findings. PLEASE NOTE: Once your organisation has submitted your answers, the assessor must mark this submission with a pass or a fail. Cancellation of a submission is not permissible in the event of a fail.
- If successful in certifying for Cyber Essentials Self Assessment, you will be provided with a certificate of compliance. Your certification will be valid for 12 months from the date the certificate was issued.
- If your organisation fails the assessment, your organisation will have 2 days from the time of failure to remediate the identified failing point and resubmit for free (maximum of 1 resubmission), and if the changes are deemed acceptable then the assessor will produce you a report and certificate
- If on second submission, your organisation is deemed not to be Cyber Essentials compliant, the assessor will mark your organisation as having failed certification. There is a minimum wait of 30 days before your organisation and reapply.
- Once the sef assessment is completed. You will receive an email with links to the following documents that must be signed, dated and returned to us:
Pretesting Technical Document & Testing Agreement - Once returned, if all is in order, your assessor will arrange a date for the audit. This will be conducted remotely. We will require a full working day provisioned for conducting the audit, and a technical contact on hand to assist with any technical issues.
- Once the audit has concluded, the assessor will mark their findings against both the Cyber Essentials Plus criteria and your original Cyber Essentials Self Assessment to ensure compliance.
- If successful in certifying for Cyber Essentials Plus, you will be provided with a certificate of compliance. Your certification will be valid for 12 months from the date the certificate was issued.
- If your organisation fails the assessment, your organisation will have 30 days from the time of failure to remediate the identified failing points and resubmit for free (maximum of 1 resubmission), and if the changes are deemed acceptable then the assessor will produce you a report and certificate of compliance.
- If on second submission, your organisation is deemed not to be Cyber Essentials compliant, the assessor will mark your organisation as having failed certification. There is a minimum wait of 30 days before your organisation and reapply. PLEASE NOTE: Failure of a Cyber Essentials Plus audit may result in any Cyber Essentials Basic certification held by the applicant being rescinded due to non-compliance.
- We allow you 6 months to complete your Plus audit and you must have a valid Self assessment no older than 3 months old. If you take longer to complete your assessment or audit extra charges will apply.