Cyber Essentials Plus Danzell Service Offerings

Cyber Essentials PLUS (CE+) provides independent technical validation of Cyber Essentials controls through hands on testing and vulnerability assessment.  The Danzell update introduces stricter remediation rules, mandatory scope verification, and formal retesting conditions, including certificate revocation where vulnerabilities persist.

URM’s CE+ services are designed to reduce assessment risk, prevent avoidable failures, and protect certification outcomes.  All CE+ routes require a valid CE certificate and Technical Scope Verification.  Only the Assured and Guided offerings include preparation activities to identify issues before the formal assessment.

For full information download Cyber Essentials Danzell Service Offerings PDF

Cyber Essentials PLUS Assured

What is included

Cyber Essentials PLUS Assured is URM’s recommended end to end service for CE and CE+. It includes Cyber Essentials Assured, Technical Scope Verification, a half day sample based CE+ pre assessment, the formal CE+ assessment, one retest, and one year of access to the Abriska CE+ Assured module.

The service provides monthly internal and external compliance scans, daily authenticated internal scans immediately before assessment, and daily remediation scans if a retest is required.  Half a day of advisory time is included to support remediation and readiness.

Who it is aimed at

Organisations seeking the highest level of assurance, minimal certification risk, and ongoing compliance visibility.  This service is well suited to regulated environments, complex infrastructures, and organisations with commercial or contractual dependency on certification continuity.

‍

Cyber Essentials PLUS Guided

What is included

Cyber Essentials PLUS Guided includes Cyber Essentials Assured, Technical Scope Verification, a half day CE+ pre assessment, the formal CE+ assessment, one retest, and one year of access to the Abriska CE+ Guided module.

Monthly internal and external scans provide visibility of compliance issues, while the pre assessment identifies likely failure points ahead of the formal assessment.  This service excludes daily scans immediately before assessment and remediation scanning after a failure.

Who it is aimed at

Organisations that want structured preparation and assessment support without the enhanced scanning and advisory depth of the Assured service.  It is suitable where environments are stable and remediation effort is expected to be limited.

‍

Cyber Essentials PLUS Self Managed

What is included

Cyber Essentials PLUS Self Managed is an assessment only service. It includes Technical Scope Verification, the CE+ assessment, and one retest in line with Danzell remediation rules. No preparation activity, advisory support, or access to the Abriska CE+ module is included.

Who it is aimed at

Organisations with strong internal cyber security capability, existing CE certification, and high confidence in their readiness for assessment.  This route carries the greatest risk of assessment delay or certificate revocation if vulnerabilities are identified.

‍

URM’s Cyber Essentials PLUS Services Comparison

‍

‍

‍

Why URM?

As an accredited certification body, URM has an unrivalled record in assisting organisations of all sizes achieve certification to Cyber Essentials and Cyber Essentials Plus. URM is also an accredited Assured Service Provider under the NCSC Cyber Advisor scheme  and  has a large team of experienced, pragmatic assessors who are here to support you and guide you through the process.

Not only do we bring a wealth of cyber security knowledge, but also a wide and varied experience of all the leading cyber and information security standards.

As such, you can be assured that you are getting advice that is right for you and your organisation, taking into account your sector, size and the information you are looking to protect. Our large team of assessors also enables us to guarantee a super-fast turnaround.

‍