Cyber Essentials is a series of self-assessment questions that when answered will highlight and provide visibility of areas of cyber risk your business is exposed too. This allows you to make changes and become a Cyber essentials certified business.

​

You work through all the questions which are then assessed by the awarding body and you will pass or fail. We have supported services which come with assistance and pre checking of your answers before marking. We haven't had a client who's taken our supported service and followed our advice who has failed and we've marked thousands of assessments. Or if you know you will pass we also have a marking only service which is simply that, we mark your submission and if its compliant we issue your certificate. No fuss, no support, no turnaround SLA's, just a submission marking.

​

The basic level of Cyber Essentials (CE) does not require any vulnerability or third-party testing like the higher Cyber Essentials Plus certification which required an audit of your answers.

This is one of the most common questions and include: Are home user devices included? What about Microsoft 365? My company accesses a remote desktop environment so are the PC's and laptops still in scope? What about staff's personal phones?

Basically, any devices used to access (and not necessarily store) company data is in scope. That's a very simple way of describing it and the UK Governments NCSC change the framework from time to time. If you would like to check what's covered in the Cyber Essentials assessment you can download the governments Requirements for IT Infrastructure document here. The NCSC sometimes change the link so if you cant download the document please let us know.