Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats.
Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too. In addition to this, other organisations are now starting to include Cyber Essentials certification as a requirement in their standard supplier contracts.
You can apply here
to be assessed against Cyber Essentials and obtain the certification. No uploading of evidence, vulnerability scan or site visit is required but you will need to get a board member to sign a declaration that your answers are true. The cost of self-assessment is £300 + VAT. This includes:
All the self assessment questions are available to download for free.
The download of these questions will allow you to ensure that you understand the issues and find out the answers in advance of starting the live assessment. There is no need to pay anything until you are ready to pass.
If you need help with preparing your company for Cyber Essentials, 3SDL
are a cyber security company in Malvern who are one of the IASME Certification Bodies. They would be well placed to assist you because they conduct the Cyber Essentials assessments as well as offering consultancy to help companies prepare for the assessment. You can contact them via firstname.lastname@example.org
When you are ready to take the live assessment you can apply here. You will be asked to pay £300 + vat via PayPal or you can request an invoice. Once we have received payment you will be emailed with login details of your account to complete the on-line assessment.
If you have any questions about the process please ring the IASME help line 03300 882 752
At the same time as completing the assessment against Cyber Essentials you have the option of completing questions about the governance in your company. Through these additional questions you can be awarded an IASME governance certificate which is recognised by the MoD in the Cyber Security Model (CSM) which they will be requiring all suppliers achieve later this year:
“The MoD have confirmed that any organisation with the IASME governance self assessment certification will, in due course, be able to bypass any CSM questions which cover the same ground. [A mapping exercise is planned to identify how many of them will fall into this category]. “