The Cyber Essentials scheme was launched in 2014 to promote cyber safety measures to ensure the safe handling, processing and storage of data for all businesses within the public supply chain. Substantial growth within the public sector has meant that the scheme is now a mandatory requirement in Scotland, as part of the Public Sector Cyber Resilience Plan, which requires all public bodies to put cybersecurity measures in place across their organisations.
What is Cyber Essentials?
The scheme launched on 1st October 2014 and is a requirement for suppliers involved in the handling of sensitive and personal information through the provision of certain technical products and services. We expect many private sector organisations to introduce the requirement as well.
Cyber Essentials requires sound basic information security hygiene measures, which when implemented properly can significantly reduce the risk of vulnerability to cyber threats.
Applicable to organisations of any size or type the scheme has five critical controls. These are:
As an additional benefit, CFA can provide a gap analysis against or carry out a joint audit with the ISO 27001 standard. Please contact one of the team on firstname.lastname@example.org or 0161 237 4080
Centre for Assessment offers three levels of assessment and certification for the Cyber Essentials scheme. Each assessment type offers different benefits and is applicable to a wide range of companies and industries.
Cyber Essentials Basic:
Cyber Essentials Basic is a self-assessment driven scheme, whereby applicants review their IT infrastructure via an application document. Once completed, this is then returned to Centre for Assessment for review. This scheme is recommended for smaller businesses looking for entry-level cyber protection compliance.
Cost: £300.00 + VAT
Cyber Essentials Plus:
Cyber Essentials Plus offers a much more comprehensive assessment, whereby applicants complete and return a more in-depth application document, which assesses IT infrastructure in greater detail. This assessment type also involves penetration testing, mobile device testing and on-site assessment by an ACE registered assessor, who will access the required network and test for any weaknesses or vulnerabilities that may not have been previously found. A full, comprehensive report is then given to the client to highlight findings during the assessment, and any improvements that need to be made to ensure quality Cyber Security. This is then reviewed by the assessor and certification can then be awarded pending results.
Cost: £2,500.00 + VAT
Cyber Essentials Plus EXTRA: Centre for Assessment are pleased to offer our newest Cyber Essentials Plus EXTRA scheme. The new EXTRA scheme covers all the important details of both the Basic and Plus levels of assessment, however, this also includes a full pre-assessment evaluation of client systems, which is then fully reported on. We then work with clients to help improve and manage systems from the findings of the pre-assessment and help to ensure that any issues are rectified. Once satisfied, you would then be assessed under the scheme rules, following the same process as Cyber Essentials PLUS. If for any reason the standard is not met, this level of assessment will also cover a FREE re-assessment to ensure that clients are given ampler opportunities to ensure that their systems meet the scheme rules. This is recommended for companies that are looking to ensure that they meet the standard with as much support and information as available.
Cost: £3,250.00 + VAT