Cyber Essentials certification

Cyber Essentials is beneficial for organisations large and small. 

Cyber Essentials is a UK Government-backed certification for any organisation in the UK to achieve a minimum standard to keep your data, systems and users safe. The cost of certification is generally not a lot – typically £300 from the certification body and a day or two of time from your IT provider to assist you in making decisions about the security of your IT systems.

Three steps to certification

  1. Select a Certification Body through one of the Accreditation Bodies.

  2. Verify that your IT is suitably secure and meets the standards set by Cyber Essentials - your Certification Body can help with this.

  3. Complete the questionnaire - your Certification Body will provide this and verify your answers. Once you’ve passed, you will be award your Cyber Essentials certificate.

The process in more detail

Selecting a Certification body

Your first port of call is our Directory of Accreditation Bodies. Read the details about each of these and choose one which feels like a good fit for your organisation.

Once you have selected an Accreditation Body, click through to their websites and their directory of Certification Bodies. It is the Certification Bodies which will perform your evaluation and award your Cyber Essentials Certificate.

Verify your IT is suitably secure

Cyber Essentials has a detailed set of requirements for your Information Technology. You will need to make sure your systems and software meet these before you move on to the next stage of certification.

You may be required to supply various forms of evidence before your chosen Certification Body can award certification at the level you seek.

Complete the self-assessment questionnaire

Having understood the requirements which Cyber Essentials puts on the installation, configuration and maintenance of your IT, you are ready to complete the Certification questionnaire and submit this to your Certification Body. The actual questionnaire which you complete will be supplied by your Certification Body.

What is an Accreditation Body?

Our five Accreditation Bodies have been specially selected by the NCSC to oversee Cyber Essentials. They recruit and manage our numerous Certification Bodies, ensuring the standards which we have set down for the scheme are met.

Each Accreditation Body:

  1. Produces a questionnaire for their Certification Bodies to use when certifying
  2. Has a process for auditing its Certification Bodies in place
  3. Verifies that all of their Certification Bodies meet the NCSC’s demanding level of technical competence
  4. Is audited at least every 12 months by the NCSC

Directory of Accreditation Bodies

To choose a Certification Body, first select one of the five Accreditation Bodies listed below. Then click through to the directory of their associated Certification Bodies.

Request a brochure