Book FREE Consultation

URM is pleased to provide a FREE 30 minute consultation on Transitioning to ISO 27001:2022 for any UK-based organisation. Once an enquiry form has been submitted, we will be in touch to understand the nature of your enquiry and to book a mutually convenient time for a 30-minute consultation slot with one of URM’s specialists.

Cyber Essentials PLUS Guided

Achieve Cyber Essentials and Cyber Essentials Plus certification with our team of qualified experts.
Book FREE
Consultation
Gap Analysis
Cyber Essentials Assessment
Cyber Essentials Plus Assessment
Cyber Advisor
Registration
Consultancy Services
Cyber Essentials Assured
Cyber Essentials Guided
Cyber Essentials Self-Managed
Cyber Essentials PLUS Assured
Cyber Essentials PLUS Guided
Cyber Essentials PLUS Self-Managed
Cyber Essentials Danzell Service Offerings
Cyber Essentials Plus Danzell Service Offerings

Speak to a certified advisor

URM is an accredited Assured Service Provider under the NCSC Cyber Advisor scheme. We are able to provide you with practical, cost effective and reliable advice to improve your cyber security and achieve  ‘Cyber Essentials’ and ‘Cyber Essentials Plus’ certifications.

Speak to one of our experts for more information on how we can help you certify. Simply call 0118 206 5410 or request a call back using the form below.

Cyber Essentials PLUS Guided

A guided route if you want structured support across both the CE and CE+ assessments.  This offering includes all the benefits of the Cyber Essentials Assured offering, together with additional preparation ahead of the official CE+ assessment.

This offering includes Cyber Essentials Assured, 1 year of access to the Abriska CE+ module, a half-day sample-based CE+ pre assessment, the formal CE+ assessment, and 1 included retest within the NCSC remediation window in line with the Danzell scheme’s remediation process.

Because this offering includes Cyber Essentials Assured, your journey includes both the initial  scoping workshop and the Technical Scope Verification where evidence will be captured.  This ensures your certification scope is defined fully and accurately before the CE submission is finalised and that any issues likely to cause problems later in the certification journey are identified as early as possible.

Abriska CE+ Module (Guided)

Your 1-year access to the Abriska CE+ module (Guided) provides:

  • Monthly compliance scans of all external IP addresses in scope for CE
  • Monthly compliance scans of all servers and end user devices in scope
  • An interactive view of the assets and vulnerabilities that could lead to a compliance failure
  • Actionable, prioritised recommendations tailored to CE and CE+ requirements.

CE+ Pre Assessment

A sample-based CE+ pre assessment is typically scheduled within the 2 weeks prior to your official CE+ assessment.  This half-day pre-assessment tests a small, representative sample of your devices, identifies likely points of failure before the formal assessment, and provides initial advice on any issues identified so they can be addressed in advance.

Technical Scope Verification (TSV)

In most cases, the Technical Scope Verification is conducted separately from the CE+ assessment and must be passed at least seven working days before the assessment start date.  For this Cyber Essentials PLUS Guided offering, the TSV is typically conducted as part of the review included within Cyber Essentials Assured.

This approach significantly reduces the risk of booking CE+ assessment time that cannot be used if issues are later identified with the declared CE scope. Any factors that could prevent a successful CE+ assessment are identified and addressed early in the process.

For some small or micro-organisations (e.g., where the whole organisation is in scope and only a very small number of devices are involved) it may be possible to agree that the TSV is performed at the start of the CE+ assessment rather than as a separate activity in advance.*

* Performing the TSV on the day of the CE+ assessment may reduce cost and administrative effort, but it increases risk.  If issues are identified that cannot be immediately resolved, the CE+ assessment time will need to be either repositioned as advisory activity or postponed, and postponement charges will apply. By choosing this option, you acknowledge that passing the TSV is a prerequisite for proceeding with the formal CE+ assessment and that this approach carries a higher risk

Retests

If the TSV passes successfully, but the CE+ assessment identifies failing items, you may book 1 retest in line with the Danzell scheme’s remediation process.  A 2nd, different sample set must be selected for the retest.  If the same vulnerabilities are identified again, your CE certificate will be revoked in accordance with scheme rules.

To reduce this risk and achieve the smoothest possible path to CE and CE+ certification, you may wish to consider the Cyber Essentials PLUS Assured offering, which includes additional scanning, advisory support, and assurance designed to identify and resolve issues earlier.

URM’s in-depth knowledge of cybersecurity best practices and the Cyber Essentials framework helped us strengthen both ours and our client’s security posture while ensuring full compliance. Their consultants were professional, approachable, and incredibly thorough, offering practical advice tailored to the specific needs. The Cyber Essentials Plus assessment was conducted with great efficiency, and URM’s supportive approach meant we felt well-prepared at every stage. Thanks to their expertise, we successfully achieved certification for us and our clients, giving us (and our clients) greater confidence in our cybersecurity resilience.
IT support company
Request Cyber Essentials review

Client Feedback

Trainer:
/
5
Course:
/
5
We engaged URM to help us complete our annual Cyber Essentials Plus certification. They have a great infrastructure and skillset to support the Cyber Essentials program and made the whole process painless for us. It’s a great way for businesses to give themselves a good security health check and in doing so spot any weak points in their IT infrastructure. URM are then perfectly placed to advise on how to fill those gaps for a robust IT / IS policy structure. In summary it’s a great way to show your customers your commitment to cyber security and ultimately keeping their data safe.
Value engagement platform

Support request

If you are interested in URM’s support, please specify the subject in the form below.

Please note, we can only process business email addresses.

Why URM?

As an accredited certification body, URM has an unrivalled record in assisting organisations of all sizes achieve certification to Cyber Essentials and Cyber Essentials Plus. URM is also an accredited Assured Service Provider under the NCSC Cyber Advisor scheme  and  has a large team of experienced, pragmatic assessors who are here to support you and guide you through the process.

Not only do we bring a wealth of cyber security knowledge, but also a wide and varied experience of all the leading cyber and information security standards.

As such, you can be assured that you are getting advice that is right for you and your organisation, taking into account your sector, size and the information you are looking to protect. Our large team of assessors also enables us to guarantee a super-fast turnaround.

The guidance and support we’ve received from URM during the process for both certifications have been exceptional, putting us at ease and providing clear and concise explanations and advice to ensure we met all the necessary requirements. We would not hesitate to recommend them.
Brand distributor
Find out more
Information Security FAQISO 27001 FAQ
URM consulting were fantastic to work with. Their expert support and friendly efficiency made achieving our Cyber Essentials Plus accreditation smooth and stress-free. It's reassuring to know that we have a reliable local consultancy that we can count on for ongoing support.
Technology consultancy
We will ensure you never become a ‘slave to the Standard’ and your ISMS is something which can easily be maintained and improved.
Find out more
related BLog
Cyber
|
Cyber Security
|
Cyber Essentials

Cyber Essentials Update 2026

Published on
26/3/2026

URM’s blog breaks down key changes to the Cyber Essentials scheme coming into force on 27 April 2026, including the new Danzell Question Set.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
10/3/2026
Cyber Security and the Board: A Sign of What’s to Come

URM’s blog explains recent amendments to the Cyber Security and Resilience Bill, how they align with broader regulatory shifts, & practical steps to prepare.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
12/2/2026
NHS Cyber Security Open Letter: What Does it Mean for Suppliers?

URM’s blog explains the recent open letter to suppliers issued by the NHS, what it means, why it matters, and the practical steps you can take to prepare.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
16/1/2026
Minimising the Impact When a Breach Occurs

URM’s blog explores the importance of cyber resilience & the steps organisations can take to prepare for and mitigate the impact of a cyber incident.

Read more
"
Our URM consultant was most helpful. Very constructive with her thoughts. She completely understood the technology we are using to monitor the ISMS, which allowed her to fully appreciate the documentation.
Ergos
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.