Cyber Essentials was developed by government through consultation with industry to improve the cyber security within public supply chains
What is Cyber Essentials?
The scheme launched on 1st October 2014 and is a requirement for suppliers involved in handling of sensitive and personal information through provision of certain technical products and services. We expect many private sector organisations to introduce the requirement as well.
Cyber Essentials requires sound basic information security hygiene measures, which when implemented properly can significantly reduce risk of vulnerability to cyber threats.
Applicable to organisations of any size or type the scheme has five critical controls. These are:
There are two levels of assessment and certification, Cyber Essentials (CE) and Cyber Essentials Plus (CE+).
CE assessment is a self assessment application based approach. This involves completing a standard questionnaire confirming approaches taken by your company and will need to be countersigned by a director stating that all actions have been taken. False claims may be deemed fraudulent, invalidate insurance and possibly give rise to prosecutions. Once completed the application requires submitting to Centre for Assessment when one of our team will review the content. If everything is in order we will submit this to QG Standards to issue your certificate. In some cases we may ask for additional information before submitting for certification.
Costs: £350 + VAT
CE + Assessment is a higher level assessment and is anticipated to be the one most people will require, this still involves the self assessment application followed by a verification visit to your premises to verify the information provided on the form and a vulnerability scan (maybe on/off site.). You will also get a report detailing potential areas to improve security of your information.
Download the questionnaire (all other applicants)
As an additional benefit, CFA can provide a gap analysis against or carry out a joint audit with the ISO 27001 standard. Please contact one of the team on email@example.com or 0161 237 4080