Cyber Essentials is a Government backed scheme developed to help you protect against a whole range of the most common cyber attacks. It was established by a government department known as the National Cyber Security Centre.

The guidance and certification for this scheme has been outsourced to an organisation known as the IASME consortium which is where the majority of the links and information in this guide can be found.

There are two levels of certification:

1. Cyber Essentials (Basic)
   • This is a self-assessment option which gives you protection against a wide variety of the most common cyber attacks. The certification process is essentially an online survey with a checklist of actions which you must conform to.
   • Cyber Essentials certification includes automatic cyber liability insurance for any UK organisation who certifies their whole organisation and has less than £20m annual turnover (terms apply).
   • You will need to renew your certificate annually as it expires after twelve months. IASME remove companies from their certified organisation list if they are not certified within twelve months of their last certificate

2. Cyber Essentials Plus
   • As the basic certification above but with hands-on technical verification carried out by a CE Assessor.

Thresholds Ltd maintains its own Cyber Essentials Plus certification, and in order for everyone to be compliant each Facilitator will need to acquire their own Cyber Essential certification.

Steps for acquiring Cyber Essentials Certification:

You may already have previous experience certifying yourself on behalf of Thresholds and will therefore be familiar with the technical hoops that need jumping through for certification.

It is advisable but not essential to take advantage of some of the following tools to help prepare yourself for the self-assessment before actually applying.

N.b. Please bear in mind that when you answer the questions you are answering them as an individual/sole trader

1. Cyber Essentials readiness tool

• https://getreadyforcyberessentials.iasme.co.uk/questions/

IASME provides a “readiness tool” which is an easier-to-digest version of the Verified Assessment Questions found in step 2 below, presented as an online survey. Your responses to the questions in the ‘toolkit’ help to create a ‘personal action plan’. This action plan will help you understand where there may be any gaps that may reduce your chances of passing the assessment.

The questions should only take 20 minutes at most to answer. It is there as a guide and not an assessment so don’t hesitate to select the option for not knowing the answer as this will provide further guidance.

At the end of the readiness toolkit you will have the option to download a copy of the action plan. Please do so, as this will prove invaluable in getting further guidance from an independent advisor (see step 3) on how to fill any gaps.

2. Verified Assessment Questions (a cheat sheet!)

IASME provides a set of questions which are the same as those used in the assessment. These questions are for information only and cannot be submitted to IASME for assessment.

They come in 2 formats: 

• PDF file
• Excel spreadsheet

Both links provide you with the same set of questions but in different formats. Just pick the one you’re happiest working with (an old school printable pdf form or a sprawling spreadsheet, what a choice).

3. Guidance from an independent “Cyber Professional”

If you have completed either of the steps above and you have any questions or issues, IASME provides a list of certification bodies and ‘Cyber Advisors’ who can provide you with more support in the assessment process (for a fee). Whilst I am not a certified body or cyber advisor, due to the straightforward nature of your set up as a sole trader I should be able to assist with any issues or questions you have and for a much smaller fee. (This is where a copy of the ‘personal action plan’ in step 1 would come in handy)

Applying for the Cyber Essentials Certification

When you feel confident that you can answer the questions in the self assessment truthfully and in a manner that will result in acquiring certification you will need to purchase the Cyber Essentials Verified Self-Assessment here:

https://iasme.co.uk/cyber-essentials/cyber-essentials-apply-now/

Once your payment has been received by IASME, they will send you login details to access the on-line assessment platform to enable you to begin your certification.

Good luck!

Further Help:

Cyber Essentials Overview from the National Cyber Security Centre:

https://www.ncsc.gov.uk/cyberessentials/overview

Cyber Essentials FAQs from the CE Certification body IASME:

https://iasme.co.uk/cyber-essentials/faq-cyber-essentials/

Email: sam.white@limito.co.uk

Book in a meeting: https://calendly.com/samewhite80/30min