Cyber
|
Cyber Security
|
Cyber Essentials
|
Cyber Essentials
FAQ
FAQ

How do you achieve Cyber Essentials Plus Certification?

The first thing you need to do to achieve Cyber Essentials Plus certification is to gain Cyber Essentials certification.

You will then be audited (either remotely or on-site) by a certification body, such as URM Consulting. If the audit reveals no gaps, you will be awarded the Cyber Essentials Plus certification.

If there are gaps identified, you will have 15 days to fix them and go through the assessment again. If you do not pass this time, you will need to make a fresh application and pay for it again.

Cyber Essentials has provided a very good base level for our cyber security and has had wide-ranging impact across systems and environments.
Charity
Apply for Cyber Essentials certificationApply for Cyber Essentials Plus
Get practical guidance on preventing common cyber-attacks
Get practical guidance on how to prepare for and achieve Cyber Essentials and Cyber Essentials Plus certification, and protect your organisation against these attacks.
Find out more
related BLog
Cyber
|
Cyber Security
|
Cyber Essentials

NHS Cyber Security Open Letter: What Does it Mean for Suppliers?

Published on
16 Feb
2026

URM’s blog explains the recent open letter to suppliers issued by the NHS, what it means, why it matters, and the practical steps you can take to prepare.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
19/1/2026
Minimising the Impact When a Breach Occurs

URM’s blog explores the importance of cyber resilience & the steps organisations can take to prepare for and mitigate the impact of a cyber incident.

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
9/1/2026
Strengthening Your Cyber Defences: Practical Steps for Every Business

URM’s blog explores common weaknesses in organisations’ security programmes, & outlines practical, cost-effective measures to reduce the likelihood of a breach

Read more
Thumbnail of the Blog Illustration
Cyber Security
Published on
18/12/2025
Deconstructing the EU Cyber Resilience Act

URM’s blog breaks down the new EU Cyber Resilience Act, what products/entities are in scope, the security requirements it imposes on organisations, and more.

Read more
"
Our assessor has been amazing and a pleasure to work with on the assessments. He always goes above and beyond to help, reassure, and advise, and is an asset to the company.
String Systems
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.