Cyber Essentials

The Cyber Essentials scheme was launched in 2014 to promote cyber safety measures to ensure the safe handling, processing and storage of data for all businesses within the public supply chain. Substantial growth within the public sector has meant that the scheme is now a mandatory requirement in Scotland, as part of the Public Sector Cyber Resilience Plan, which requires all public bodies to put cybersecurity measures in place across their organisations.

Who is the accreditation for?

Accreditation is suitable for all companies in any sector who handle client information and have a desire to increase their IT infrastructure security throughout their business. 

Companies who look to implement the Standard work in sectors including: legal, marketing, IT, manufacturing, E-commerce and medical. 

Companies who implement the Cyber Essentials scheme show their ongoing commitment to fighting cyber-crime and give their clients confidence in their practices when handling and storing data. The Standard is also a valuable tool for contract tender applications.

In addition to this, Cyber Essentials is now listed as one of the key elements involved with Lexcel V6.1 for legal practices throughout the UK.


The Cyber Essentials Controls

Cyber Essentials requires sound basic information security hygiene measures, which when implemented properly can significantly reduce the risk of vulnerability to cyber threats.

Applicable to organisations of any size or type the scheme has five critical controls.  These are:


As an additional benefit, CFA can provide a gap analysis against or carry out a joint audit with the ISO 27001 standard. Please contact one of the team on or 0161 237 4080

Assessment Types

Assessment Types:

Centre for Assessment offers three levels of assessment and certification for the Cyber Essentials scheme. Each assessment type offers different benefits and is applicable to a wide range of companies and industries.

Cyber Essentials Basic:

Cyber Essentials Basic is a self-assessment driven scheme, whereby applicants review their IT infrastructure via an application document. Once completed, this is then returned to Centre for Assessment for review. This scheme is recommended for smaller businesses looking for entry-level cyber protection compliance.
Cost: £300.00 + VAT 

Cyber Essentials Plus:

Cyber Essentials Plus offers a much more comprehensive assessment, whereby applicants complete and return a more in-depth application document, which assesses IT infrastructure in greater detail. This assessment type also involves penetration testing, mobile device testing and on-site assessment by an ACE registered assessor, who will access the required network and test for any weaknesses or vulnerabilities that may not have been previously found. A full, comprehensive report is then given to the client to highlight findings during the assessment, and any improvements that need to be made to ensure quality Cyber Security. This is then reviewed by the assessor and certification can then be awarded pending results.
Cost: £2,500.00 + VAT

Cyber Essentials Plus EXTRA: Centre for Assessment are pleased to offer our newest Cyber Essentials Plus EXTRA scheme. The new EXTRA scheme covers all the important details of both the Basic and Plus levels of assessment, however, this also includes a full pre-assessment evaluation of client systems, which is then fully reported on. We then work with clients to help improve and manage systems from the findings of the pre-assessment and help to ensure that any issues are rectified. Once satisfied, you would then be assessed under the scheme rules, following the same process as Cyber Essentials PLUS. If for any reason the standard is not met, this level of assessment will also cover a FREE re-assessment to ensure that clients are given ampler opportunities to ensure that their systems meet the scheme rules. This is recommended for companies that are looking to ensure that they meet the standard with as much support and information as available.
Cost: £3,250.00 + VAT

Assessment Comparison

Accreditation Process
  1. Contact Centre for Assessment to discuss which version of the Standard is right for your organisation.
  2. Complete application form.
  3. Return form, highlighting the package required.
  4. Application is then sent off for assessment.
  5. Pending results, certificates are sent both physically and digitally.
  6. Client receives branding guidelines for marketing use.
  7. Added to register of accredited Cyber Essentials companies.
Accreditation Support
  • We have ACE registered technicians available during office hours to help advise and support clients through the application process.

  • We run a range of in-house training and attend exhibitions throughout the year, making us available for clients to learn more about the requirements.

  • We have a huge network of Cyber Essentials consultants available to offer support for clients who are anything from technophobes to experts.

  • We have FAQ documents, as well as Business Development Executives available to help support any questions you may have.
Apply now

Application process

To get started with Cyber Essentials, please complete the application form below and email to the Centre for Assessment Team.

Download here