What is Cyber Essentials?

Cyber Essentials is a Government-backed certification that demonstrates your business has taken the necessary steps to protect against basic cybersecurity threats. There are two levels of certification: Cyber Essentials and Cyber Essentials Plus.

What is the difference between Cyber Essentials Plus and Cyber Essentials?

The standard Cyber Essentials certification is an online self-assessment. Cyber Essentials Plus is a more rigorous assessment that includes on-premise verification of your self-assessment. Cyber Essentials is suitable for most small businesses, while Cyber Essentials Plus is recommended for larger businesses and those who want to demonstrate their cybersecurity measures to clients, insurers, and professional bodies.

What does Cyber Essentials test?

The Cyber Essentials assessment tests five key areas of your cybersecurity infrastructure: firewalls, secure configuration, user access control, malware protection, and patch management.

What are the benefits of Cyber Essentials Certification?

Both Cyber Essentials and Cyber Essentials Plus offer several benefits to businesses. By meeting the certification's requirements, businesses protect themselves from the majority of basic cybersecurity threats. The certification proves to clients, insurers, and governing bodies that your business is committed to protecting IT infrastructure and data. It can also help you win new business, as many government and private sector contracts require or encourage Cyber Essentials certification.

What do I get for completing the certification?

Upon completing Cyber Essentials, you will receive a certificate reference number and a Cyber Essentials badge to showcase on your website and marketing materials. Your business will also be listed on the NCSC's database of Cyber Essentials-certified organizations.

What's the difference between Cyber Essentials vs ISO 27001?

Cyber Essentials can be considered a stepping stone towards full ISO 27001 certification. Cyber Essentials focuses on basic cybersecurity measures, while ISO 27001 is a more comprehensive assessment. If your business is already ISO 27001 compliant, achieving Cyber Essentials certification will be relatively straightforward.

How long does Cyber Essentials Certification last?

Cyber Essentials certification is valid for one year. Organizations must be recertified annually, which is why committing to an ongoing package is recommended. This ensures ongoing security and reduces the effort and cost of annual renewals.

We passed last year. Does this guarantee a pass on our renewal?

Gaining Cyber Essentials certification in the previous year does not guarantee a pass in the following year's renewal. Businesses must stay up to date with the requirements and implement them throughout the year to ensure a successful renewal. That's why an ongoing service is provided as part of our packages, helping you remain compliant throughout the year and significantly reducing the cost and effort required for recertification.

If we fail, can we try again and how much does it cost?

If you fail the initial Cyber Essentials assessment, you have three days to address the issues and resubmit the application. For Cyber Essentials Plus certification, the timeframe is extended to 15 days. While Method IT guarantees certification for businesses that sign up for our plans, it is still possible to fail the initial assessment. However, we will work with you to ensure you submit a passing application within the specified time limit.

What is the benefit of working with a certification body?

Applying for Cyber Essentials certification on your own can be a time-consuming process. If you fail the assessment, it may not be clear what went wrong or how to fix it. Working with a Certification Body like Method IT streamlines the application process. We can identify areas for improvement, explain the necessary steps to pass, and even complete the application on your behalf. Ongoing support is also provided to keep your business protected throughout the year and reduce the effort and cost of future recertifications.

ISO 27001 Certification | Seamless ISO 27001 Certification

ISO 27001 is a leading information security standard that gives companies of any size and from any sector the guidance to establish, implement, maintain and improve information security management systems (ISMS).

Achieving ISO 27001 conformity proves your organisation has robust systems, processes and controls to secure company and client data in an evolving threat landscape. It will also help you meet regulatory requirements, build client trust and win new business.

How Does ISO 27001 Work?

ISO 27001 provides a framework to minimise risk and safeguard business-critical data. It outlines a set of information security management system (ISMS) requirements focusing on the three principles of information security known as the CIA triad:

Confidentiality

Only authorised people can access your organisation’s information.

Integrity

Only authorised people can change your organisation’s information.

Availability

Authorised people should be able to access information whenever necessary.

Enhance your security posture against existing and future threats

Protect confidential assets like financial statements, employee data and intellectual property

Create a centrally managed framework that protects all business assets in one place

Reduce the costs associated with cyber attacks and business disruption

Meet GDPR and other legal and regulatory requirements

Dedicated support throughout your ISO 27001 assessment

Becoming ISO 27001 requires a not insignificant amount of technical work that takes time to complete. It is a long process that is made longer without the support of IT experts. Our consultancy service streamlines the assessment, providing bespoke guidance that makes the audit as painless as possible.

We can help you implement an information security management system and work with you throughout the formal audit process. Our services include:

A full review of your existing cyber security and information management infrastructure

A gap analysis that identifies areas of critical weaknesses before the assessment

Guidance and support to implement necessary controls, procedures and systems

Tailored advice during the assessment alongside

A referral to our trusted network of Certification Bodies

Ongoing support to maintain the standard’s technical controls and protect sensitive data

Cyber Essentials

Cyber Essentials is a Government-backed scheme from the National Cyber Security Centre designed to protect your business from the majority of cybersecurity threats.

IASME Cyber Assurance

Cyber Essentials is a Government-backed scheme from the National Cyber Security Centre designed to protect your business from the majority of cybersecurity threats.

ISO 27001 is a globally recognised standard for information security. It provides a comprehensive framework to safeguard data and manage sensitive data.

To become ISO 27001 compliant, your organisation must implement 93 security controls, which fall into four categories: organisational, people, physical and technological.

ISO 27001 certification verifies that your organisation has implemented a robust Information Security Management System. It significantly improves your cybersecurity posture, enhances regulatory compliance and can help you win new business.

The cost of ISO 27001 certification depends on several factors, including your company’s size, sector, location and existing infrastructure.

An ISO 27001 certificate is valid for three years if you maintain your ISMS. Certification Bodies will conduct annual visits to ensure the correct policies and procedures are in place.

No, Method IT is not an ISO 27001 Certification Body. We do not complete the assessment or issue certification. Instead, we provide a consulting service for businesses undertaking ISO 27001 that includes a pre-audit review, guidance throughout the assessment and post-audit support to maintain compliance.

IT Services

IT Services

Specialist services

Cyber Security Services

Technical controls

Certifications

Apply for Cyber Essentials Certification

Seamless ISO 27001 Certification

How Does ISO 27001 Work?

Confidentiality

Integrity

Availability

What are the benefits of ISO 27001?

Dedicated support throughout your ISO 27001 assessment

Not ready for ISO 27001 yet?

Cyber Essentials

IASME Cyber Assurance

ISO 27001 FAQs

About Method IT