What is Cyber Essentials?
Cyber Essentials is a Government-backed scheme aimed at helping organisations protect themselves against common Internet-based cyber attacks. Certification to Cyber Essentials provides reassurance that your security controls will protect against the vast majority of common cyber attacks, and will act as a significant deterrent to cyber criminals...
What is Cyber Essentials Plus?
In order to achieve Cyber Essentials Plus, you must already be certified to Cyber Essentials. Gaining the extra qualification will also involve a technical expert conducting an on-site or remote audit on your IT systems, including...
What are the benefits attached to gaining Cyber Essentials certification?
In the process of achieving a Cyber Essentials certificate, your organisation is effectively protecting itself against approximately 80% of the most common cyber attacks...
How do you achieve Cyber Essentials certification?
In order to achieve Cyber Essentials certification, you will need to complete a self-assessment questionnaire. Certification bodies, such as URM Consulting, can provide you with...
How do you apply for Cyber Essential and Cyber Essentials Plus?
You can apply for the Cyber Essentials and Cyber Essentials Plus assessment...
What happens if you do not pass Cyber Essentials assessment?
If you do not pass and gaps are identified, you are provided with 2 working days to address any gaps...
How much does it cost for a basic Level Cyber Essentials assessment?
As of 24 January 2022, a tiered pricing structure was introduced by the National Cyber Security Centre (NCSC) and...
How to fill out a Cyber Essentials questionnaire?
Completing the Cyber Essentials questionnaire might seem like a daunting exercise, but the key word to focus on is ‘Essentials’. When you are answering the questions, try to think about your infrastructure as a whole, not just thinking in too much detail about...
Has The Cyber Essentials scheme been updated?
Yes, the Cyber Essentials Scheme was updated on 28 April 2025 to reflect the evolving nature of cyber threats (increasing adoption of cloud services) and our changing working practices, (particularly the trend towards home working and hybrid working)...
How long do you have to complete and submit a Cyber Essentials assessment?
You have 6 months to complete your assessment before your account is archived...
Can you obtain the self-assessment questions before you pay your assessment fee?
Yes, you can. Please contact URM at cyberessentials@urmconsulting.com and...
How do you achieve Cyber Essentials Plus Certification?
The first thing you need to do to achieve Cyber Essentials Plus certification is to gain Cyber Essentials certification....
What Cyber Essentials Plus scope can I choose?
The scope of the Cyber Essentials Plus must be the same as the Cyber Essentials scope...
What is the difference between Cyber Essentials and Cyber Essentials Plus?
Cyber Essentials Plus is an addendum to Cyber Essentials and is aimed at...
How much does a Cyber Essentials Plus assessment cost?
The cost of Cyber Essentials Plus varies according to the size...
Is there a register of organisations certified to Cyber Essentials?
Yes, the NCSC maintains a register of those organisations...
How long do the Cyber Essentials and Cyber Essentials Plus certifications last before you need to renew them?
Cyber Essentials and Cyber Essentials Plus certificates expire after 12 months and...
What is the recertification process?
URM will contact you with a reminder approximately a month before you have to recertify...
What tests are carried out in the Cyber Essentials Plus process?
There are 4 stages involved in achieving CE+ certification. The first stage involves an external vulnerability scan...
What is the purpose of a Cyber Essentials Plus vulnerability scan?
The vulnerability scan is utilised on two steps of the Cyber Essentials Plus certification process...
Is there a Cyber Essentials checklist?
The following checklist applies to both Cyber Essentials and Cyber Essentials Plus requirements...
What 10 steps should you follow to prepare for Cyber Essentials certification?
The following checklist applies to both Cyber Essentials and Cyber Essentials Plus requirements...
What are the Cyber Essentials Plus patching requirements?
As of 24 January 2022, software updates need to be applied within 14 days of release...
Who is the Cyber Essentials accreditation body?
On 1 April 2020, IASME became the sole Cyber Essentials Partner of the NCSC and became responsible...
How does Cyber Essentials differ from ISO 27001?
ISO 27001 adopts a more holistic approach and is focused on the development, implementation and continual improvement of an information security management system (ISMS).
Cyber essentials – the 5 key controls
related BLog
Understanding Lexcel and the Specialist Quality Mark (SQM): How Cyber Essentials Can Benefit Your Practice
Published on
6 Jun
2025
URM’s blog explores how Cyber Essentials can help your legal practice enhance its security posture and achieve/maintain its SQM or Lexcel accreditation.
Read more
Cyber Security
Published on
28/5/2025
Complying with Cyber Essentials and Cyber Essentials PlusURM’s blog answers key technical questions about Cyber Essentials and Cyber Essentials Plus, what’s in scope, CE compliant use of BYOD, and more.
Read more
Cyber Security
Published on
12/5/2025
Mitigating Cyber Risks: Why Cyber Essentials Matters More Than EverURM’s blog highlights the growing threat to cyber security in the UK and the importance of the Cyber Essentials scheme in mitigating these risks.
Read more
Cyber Security
Published on
12/5/2025
3 Top Tips When Approaching CE CertificationURM’s blog provides 3 useful top tips to help your organisation prepare for successful Cyber Essentials or Cyber Essentials Plus certification assessment.
Read more
"
We engaged URM to help us complete our annual Cyber Essentials Plus certification. They have a great infrastructure and skillset to support the Cyber Essentials program and made the whole process painless for us. It’s a great way for businesses to give themselves a good security health check and in doing so spot any weak points in their IT infrastructure. URM are then perfectly placed to advise on how to fill those gaps for a robust IT / IS policy structure. In summary it’s a great way to show your customers your commitment to cyber security and ultimately keeping their data safe.
Sales engagement platform
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.