We can now offer clients Cyber Essentials Plus, an expansion upon our Cyber Essentials Self-Assessment services we currently offer.
What do you need for Cyber Essentials Plus?
Organisation must have Cyber Essentials verified self-assessed certification no older than 3 months old prior to applying for Cyber Essentials Plus.
What is involved?
Achieving Cyber Essentials Plus provides further assurances to your security stance as it involves an audit of your system by an officially trained assessor. Confirming that all declared controls in your Cyber Essentials have been implemented within the organisations network. By gaining Cyber Essentials Plus, organisations can demonstrate that they meet baseline security standards set out by the UK Government Cyber Essentials scheme to their customers and supply chain.
The Key Elements:
Our assessor will pick a sample of computers at your organisation (up to 5 of each type of machine depending on scale of your network) and perform an audit to ensure that the devices are configured as per the scheme.
A vulnerability scan will be performed on these machines to confirm patching and basic configuration is at an acceptable level.
An external port scan of your internet facing IP addresses will be conducted to ensure no clear and obvious misconfigurations or vulnerabilities can be identified.
A test will be conducted on your default email/internet browser to confirm how well configured they are to prevent execution of fake malicious files.
Screenshots will be taken as evidence that the system is Cyber Essentials compliant.
If there is required remediation, your organisation will have 30 days to remedy the issues else the organisation will be considered to have failed the audit.
Successful certification, your organisation will be provided with a certificate that is valid for 12 months from pass date. Cyber Essentials and Cyber Essentials Plus has to be renewed yearly. Optionally, you may be added to a list of Cyber Essentials certified companies, and you can hence forth advertise your organisation's compliance to the Cyber Essentials Scheme.
For further information or an informative discussion on how we can help your organisation achieve Cyber Essentials and Cyber Essentials Plus, please call the sales team on 01752 724000 or email firstname.lastname@example.org.