Cyber Essentials PLUS

The next step following gaining a Cyber Essentials certification is to get Cyber Essentials PLUS.  Cyber Essentials PLUS offers a much higher level of assurance to businesses as it involves an independent audit from a highly qualified Cyber Essentials Certification Body such as ITWiser.  The tests look at your Cyber Essentials answers and check for evidence that what you have self certified is actually happening.  This ranges from policies and procedures through to technical tests of your network.  The test includes the five technical controls that should be in place which are:

1. Boundary firewalls and internet gateways

2. Secure configuration

3. Access control

4. Malware protection

5. Patch management

You will also have an External Vulnerability Assessment and an Internal Vulnerability Assessment as part of the process.

What does it cost?

Cyber Essentials PLUS assessments are dependent on the size and complexity of the organisation being tested as a certain number of systems must be tested.  As an example a small company with a simple setup requiring one day on site to do the assessment would cost £1500 + VAT.

How do I get it?

1. CompleteCyber Essentials or Cyber Essentials & IASME Basic 

2. Download and go through the latest Cyber Essentials Plus documents which can be found here: 

Cyber Essentials PLUS Info

3. Implement any policies, procedures, controls required internally, getting help when required from ITWiser.

4. Get in touch with ITWiser (a Cyber Essentials Plus Certification Body) and book your assessment.

5. On the basis you pass the assessment you will get your certificate and badges to prove your level of certification.