What is Cyber Essentials?

Cyber Essentials is a Government-backed certification that demonstrates your business has taken the necessary steps to protect against basic cybersecurity threats. There are two levels of certification: Cyber Essentials and Cyber Essentials Plus.

What is the difference between Cyber Essentials Plus and Cyber Essentials?

The standard Cyber Essentials certification is an online self-assessment. Cyber Essentials Plus is a more rigorous assessment that includes on-premise verification of your self-assessment. Cyber Essentials is suitable for most small businesses, while Cyber Essentials Plus is recommended for larger businesses and those who want to demonstrate their cybersecurity measures to clients, insurers, and professional bodies.

What does Cyber Essentials test?

The Cyber Essentials assessment tests five key areas of your cybersecurity infrastructure: firewalls, secure configuration, user access control, malware protection, and patch management.

What are the benefits of Cyber Essentials Certification?

Both Cyber Essentials and Cyber Essentials Plus offer several benefits to businesses. By meeting the certification's requirements, businesses protect themselves from the majority of basic cybersecurity threats. The certification proves to clients, insurers, and governing bodies that your business is committed to protecting IT infrastructure and data. It can also help you win new business, as many government and private sector contracts require or encourage Cyber Essentials certification.

What do I get for completing the certification?

Upon completing Cyber Essentials, you will receive a certificate reference number and a Cyber Essentials badge to showcase on your website and marketing materials. Your business will also be listed on the NCSC's database of Cyber Essentials-certified organizations.

What's the difference between Cyber Essentials vs ISO 27001?

Cyber Essentials can be considered a stepping stone towards full ISO 27001 certification. Cyber Essentials focuses on basic cybersecurity measures, while ISO 27001 is a more comprehensive assessment. If your business is already ISO 27001 compliant, achieving Cyber Essentials certification will be relatively straightforward.

How long does Cyber Essentials Certification last?

Cyber Essentials certification is valid for one year. Organizations must be recertified annually, which is why committing to an ongoing package is recommended. This ensures ongoing security and reduces the effort and cost of annual renewals.

We passed last year. Does this guarantee a pass on our renewal?

Gaining Cyber Essentials certification in the previous year does not guarantee a pass in the following year's renewal. Businesses must stay up to date with the requirements and implement them throughout the year to ensure a successful renewal. That's why an ongoing service is provided as part of our packages, helping you remain compliant throughout the year and significantly reducing the cost and effort required for recertification.

If we fail, can we try again and how much does it cost?

If you fail the initial Cyber Essentials assessment, you have three days to address the issues and resubmit the application. For Cyber Essentials Plus certification, the timeframe is extended to 15 days. While Method IT guarantees certification for businesses that sign up for our plans, it is still possible to fail the initial assessment. However, we will work with you to ensure you submit a passing application within the specified time limit.

What is the benefit of working with a certification body?

Applying for Cyber Essentials certification on your own can be a time-consuming process. If you fail the assessment, it may not be clear what went wrong or how to fix it. Working with a Certification Body like Method IT streamlines the application process. We can identify areas for improvement, explain the necessary steps to pass, and even complete the application on your behalf. Ongoing support is also provided to keep your business protected throughout the year and reduce the effort and cost of future recertifications.

Cyber Assurance Certification | Guaranteed First-Time Pass

Cyber Assurance is a comprehensive, risk-based framework that lets organisations of any size improve their cyber security posture and demonstrate their credentials to clients, regulators and government bodies.

Obtaining Cyber Assurance certification is easy with Method. Our dedicated service guarantees you pass and provides ongoing support to keep your business protected. We’ll help you implement vital cyber security, privacy, and data protection measures, establish strict controls over sensitive data and acquire an accreditation that can open the door to public and private contracts.

Ensure compliance with data protection and privacy regulations like GDPR

Increase customer trust through strong data protection protocols

Access private and government contracts that require enhanced data protection

You will receive a certificate for passing the assessment, a listing on the Cyber Assurance database, a BlockMark register for electronic verification and permission to use your certification on marketing collateral.

Have you got questions? Read our FAQs for more information on Cyber Assurance, why it matters and how Method can help.

A full review of your current cyber security infrastructure before the assessment

Recommendations on how to improve your existing processes

Implementation of additional technical controls, if necessary

Bespoke and fully compliant policy documentation

A guaranteed pass

Free retests if your initial attempt is unsuccessful

Ongoing support to maintain the framework’s technical controls and keep your sensitive data safe

Approved Cyber Assurance Body and Cyber Advisor Scheme Provider

Method IT is one of a handful of companies that meet the strict criteria to be an approved Cyber Assurance Level One and Level Two Auditor and Certification Body. We have the technical skills to advise customers on their needs and ensure they meet Cyber Assurance standards.

IASME Cyber Assurance is a risk-based framework that helps businesses protect their digital assets and demonstrate their cyber security credentials.

Cyber Assurance Level One is a verified self-assessment. You complete a questionnaire, which an auditor like Method IT reviews.

Cyber Assurance Level Two includes an in-person audit to check your business complies with all 13 controls.

Cyber Assurance tests your processes on thirteen technical controls:

Assets
Legal landscape
Risk assessment
Organisation
Training people
Physical protection
Planning
Policies and procedures
Managing access
Technical intrusion
Backup and restore
Monitoring
Resilience

Upon completing the assessment, you will receive a certificate, a listing on the Cyber Assurance database, a BlockMark register for electronic verification and permission to use your Cyber Assurance certification on marketing collateral.

Cyber Assurance lasts for 12 months and needs to be renewed annually.

Yes. If you fail the initial Cyber Assurance assessment, you can fix the problems and re-submit your application for free.

Working with an Auditor and Certification Body like Method IT streamlines the application process and guarantees you pass. Our team will highlight the areas you need to improve, implement the technical controls if you wish and audit your assessment.

IT Services

IT Services

Specialist services

Cyber Security Services

Technical controls

Certifications

Apply for Cyber Essentials Certification

Simple Cyber Assurance Certification

How does Cyber Assurance work?

Identify and Classify

Assets

Legal Landscape

Risk Assessment

Organisation

Training

Physical Protection

Planning

Detect and Deter

Policies / Procedures

Managing Access

Technical Intrusion

Backup & Restore

Protect

Monitoring

Respond & Recover

Resilience

What are the benefits of Cyber Assurance?

You will receive a certificate for passing the assessment, a listing on the Cyber Assurance database, a BlockMark register for electronic verification and permission to use your certification on marketing collateral.

Complete your certification with Method

Approved Cyber Assurance Body and Cyber Advisor Scheme Provider

Book a one-off Cyber Assurance consultation

Cyber Assurance FAQs

About Method IT