Cyber Essentials Plus Extra.
Plus Extra includes everything that Cyber Essentials Plus, but adds an additional layer of support. In effect, we will perform an pre-audit of your system prior to the final audit to ensure that your organisation is prepared to pass first time. This is ideal for organisations who wish to get Cyber Essentials Plus Certified but are unsure if their organisation has achieved the required level.
Whilst we need to remain independent throughout the process, and therefore cannot directly engaged with your systems to implement change, we can assist by delivering advice on what changes must be made to get certified. Once we feel that your organisation is setup to the correct standard we would then arrange the final audit.
How To Apply
- Ensure that you have completed Cyber Essentials verified self-assessed prior to purchasing Cyber Essentials Plus Extra. If not. pick the Basic/Plus bundle option.
- Add “Cyber Essentials Plus Extra” to your cart and complete purchase
- An assessor will contact you same day to discuss the certification and answer any questions you may have.
- You will receive an email with links to the following documents that must be signed, dated and returned to us:
> Pretesting Technical Document> NDA Agreement> A copy of your Cyber Essentials Basic questionnaire
- As you have purchased Plus Extra – Our assessor will conduct a pre-audit of your network to identify any points that they believe would result in your organisation failing Cyber Essentials Plus first time. This will include a report of any remediation work required to get your organisation Cyber Essentials compliant. Extended phone support is also available as part of Plus Extra.
- Once we are happy that your organisation is reading to pass Cyber Essentials, our assessor will arrange a date for the audit. This will be conducted remotely. We will require a full working day provisioned for conducting the audit, and a technical contact on hand to assist with any technical issues.
- Once the audit has concluded, the assessor will mark their findings against both the Cyber Essentials Plus criteria and your original Cyber Essentials questionnaire to ensure compliance.
- If successful in certifying for Cyber Essentials Plus, you will be provided with a certificate of compliance. Your certification will be valid for 12 months from the date the certificate was issued.
- If your organisation fails the assessment, your organisation will have 30 days from the time of failure to remediate the identified failing points and resubmit for free (maximum of 1 resubmission), and if the changes are deemed acceptable then the assessor will produce you a report and certificate of compliance.
- If on second submission, your organisation is deemed not to be Cyber Essentials compliant, the assessor will mark your organisation as having failed certification. There is a minimum wait of 30 days before your organisation and reapply. PLEASE NOTE: Failure of a Cyber Essentials Plus audit will result in any Cyber Essentials Basic certification held by the applicant being rescinded due to non-compliance.