Description
About Cyber Essentials Plus
Cyber Essentials Plus is an audit of your Cyber Essentials self-assessment. You must complete Cyber Essentials Plus within 3 months of completing your self-assessment.
Cyber Essentials Plus is an audit of your system by one of our trained assessors, who are verifying that the controls in your self-assessment have been accurately declared. It includes vulnerability scans to determine that updates to any known critical and high-risk security issues have been applied. Completing Cyber Essentials Plus provides an additional level of reassurance that you have applied the recommended baseline of cyber security controls to your system.
How To Apply
- Ensure that you have a valid Cyber Essentials self-assessment certificate. You must be able to complete your Plus assessment within 3 months of gaining your self-assessment certificate. Please note that we have a 2–3 week wait for scheduling a Plus test. You will also need to allow time to remediate any issues.
- If you need to complete a self-assessment, you can add this during the Plus purchase process as a bundle (available above).
- If you begin the Plus process with a valid self-assessment and this lapses during the scanning/remediation period, you will need to complete a new self-assessment. If your setup hasn’t changed, this will not affect your ongoing Plus assessment.
- Once purchased, we will contact you within 12 working hours to request a copy of your completed self-assessment and to help you book your audit. If you added the self-assessment during the purchase process, we will create your account for the assessment portal (portal.iasme.co.uk) within 12 working hours.
- Please note: You may prefer not to book your test immediately, but please note you have 6 months to complete your Plus application. If not completed by this point, you will need to purchase a new application.
- Once we have confirmed you have a valid self-assessment, you will receive links to the Audit Agreement and Technical Questionnaire. These must be filled out, signed, and returned to us in advance of your audit. We will review your self-assessment and let you know the required device sample.
- Your audit will be conducted remotely. You will need to allow a full working day for the audit, and a technical contact will need to be on hand to assist with any technical issues.
- If your organisation passes the assessment, your certification will be valid for 12 months from the date of issue.
Services
- We offer three service levels:
- Standard: If you do not pass the audit, you will have 30 days to remediate before we review and rescan. If you do not pass the second audit, you will fail the assessment. You will then have an additional 30 days to remediate. If you do not successfully remediate, you will need to repurchase the assessment.
- Extra Help: We will support you throughout the process, providing several free rescans. Please note we cannot guarantee a pass.
- Fast Track can be applied to any of the above service levels. We will conduct your first audit as soon as possible and always within 1 week of purchase. We will also schedule any rescans as quickly as possible (dependent on how much time your organisation requires for remediation).
For more information, see our Terms and Conditions.
