FAQs

All new certificates issued will have a 12-month expiry date.

The cost of Cyber Essentials (verified self-assessment) follows a tiered pricing structure which adopts the internationally recognised definition for micro, small, medium and large enterprises:
- Micro organisations (0-9 employees): £300 + VAT
- Small organisations (10-49 employees): £400 + VAT
- Medium organisations (50-249 employees): £450 + VAT
- Large organisations (250+ employees): £500 + VAT

We offer fixed price packages for Cyber Essentials Plus depending on the number of employees within your organisation.

Yes, organisations overseas are able to get certificates.

You need to complete the online Cyber Essentials assessment as part of the Cyber Essentials Plus certification, and this must be completed prior to the Cyber Essentials Plus assessment. Alternatively, you can complete your Cyber Essentials Plus assessment within 3 months of your last Cyber Essentials certification.

A board member from the organisation signs a declaration to confirm that the assessment answers are true. One of our qualified assessors then evaluates the responses. If you pass, you receive a certificate, logo pack and are added to the searchable database of Cyber Essentials certified organisations. If you fail, you will receive feedback on areas that need improvement.

Cyber Compliance aims to return the Cyber Essentials assessment results to organisations as quickly as possible, usually within 1 - 3 working days from submission. For tight deadlines, contact Cyber Assurance via the Contact Form or Live chat to inquire about fast-tracking assessments.

Some Government contracts may require Cyber Essentials certification. Confirm with the respective Government department for specific requirements and exemptions.

Use the Cyber Essentials Certificate search on the IASME website to find organisations with a valid certificate issued in the last 12 months: https://iasme.co.uk/certified-organisations/

The scheme sets out five basic security controls to protect organisations against around 80% of common cyber attacks, allowing you to focus on your core business objectives. Benefits of the Cyber Essentials scheme include reassuring customers that you take cyber security seriously, attracting new business, and demonstrating commitment to cyber security. It is essential for government contracts and includes cyber liability insurance for eligible organisations.

Organisations complete the self-assessment questionnaire (SAQ), which must be verified by a board member or equivalent and independently verified by a certified body against the government's Cyber Essentials scheme.

Cyber Essentials Plus involves a more advanced level of assurance, including a technical audit, on-site or remote assessment, internal vulnerability scans, and an external vulnerability scan conducted by the certification body.

After passing the Cyber Essentials application, you can display the badge on websites, promotional material, letterheads, and email signatures. Guidance for displaying the certification mark is provided on the portal for authorised organisations.

Certificates issued under the Cyber Essentials scheme have a 12-month expiry. Recertification is like an annual MOT for your cyber security controls. Certifications are annual subscriptions and auto-renew. Failure to recertify results in removal from the directory of organisations awarded Cyber Essentials certification.