Spritzmonkey
Contact Us
Image 2.jpg

Cyber Essentials

Cyber Essentials - How to get certified

Cyber Essentials

Spritz Cyber Essentials Page Banner July 2020.png

Cyber Essentials certification

The Cyber Essentials certification scheme has been developed by UK government.  The scheme provides organisations with a way to show customers, shareholders, investors and other interested third parties that they have taken the relevant precautions.

There are two levels of certification available:

  • Cyber Essentials - based on a verified self-assessment

  • Cyber Essentials Plus - verified self-assessment plus external security testing

Once you have successfully completed the process of certification for Cyber Essentials you receive a certificate, report, badges that you can use. You can also apply to receive free cyber insurance with cover of £25,000, provided you meet certain criteria.

 
 

Please contact us to arrange a telephone or face to face appointment to discuss your Cyber Essentials certification and compliance needs.

Get in Touch ▸

Cyber Essentials FAQ

Who needs Cyber Essentials

Cyber Essentials provides all companies with a way to implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously.

Cyber attacks are increasingly common and by implementing Cyber Essentials, the vast amount of cyber attacks can be easily prevented.

Cyber Essentials is mandatory for government suppliers involved in handling personal data and providing certain types of IT service. Government procurement processes are increasingly likely to require this for all types of purchasing even where it is not currently mandated.

Cyber Essentials can complement other standards such as ISO 27001 and ISO 9001 and can be extended with Cyber Essentials Plus and/or certification to the IASME Cyber Assurance Standard.

At Spritzmonkey we can provide you with support and advice for the government's Cyber Essentials scheme to assist you through the process.

Benefits of Cyber Essentials

  • Reassure customers

  • Win new business

  • Necessary for some government contracts

  • Clear view of your cyber security level

  • Simple straight-forward process

  • Public recognition

What we do

We offer a number of different services for Cyber Essentials and Cyber Essentials Plus.

If you need some help, we can offer our assisted Cyber Essentials. We will complete the assessment questionnaire on your behalf in collaboration with your own staff and submit this for assessment so that you are issued with your Cyber Essentials certificate. The Cyber Essentials logo can then be displayed on your website and any proposals and other documents as you wish. If any remedial work needs to be carried out for your business to conform to the required standard, we will provide the necessary advice and work with you, your staff, and your IT suppliers as necessary to make the required changes.

If you wish to complete your own questionnaire for us to assess, you can take the DIY assessment-only approach. We will give you access to the assessment portal and you submit your answers to the Cyber Essentials statements. Once you are happy, you can submit this for us to assess. Provided you meet the requirements of the certification we will issue your certificate, report and badges, usually within 24 hours. If we need any further information we will discuss this with you, and if you do not meet the requirements of the standard we will provide feedback and a 7 day grace period to submit amendments and further evidence.

For Cyber Essentials Plus a verified assessment is required - either as an on-site or remote audit.

How much does it cost?

Our standard pricing is below.

 
 

Contact Us

Get in touch for a chat and we’ll be happy to answer any questions that you have.

Cyber Essentials Frequently Asked Questions (FAQ)

+ What is the Cyber Essentials scheme?

Cyber Essentials is a Government-backed, industry-supported scheme to help organisations protect themselves against common online threats.

+ What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials is a self-assessment process whereby you submit answers to the questions based on how you are complying. A certification body, such as Spritzmonkey, reviews the answers and if they meet the requirements issue your Cyber Essentials Certificate. Cyber Essentials Plus is a verified assessment. You must first complete the process for Cyber Essentials and then an assessor will visit you and verify that your controls work as required.

+ What does Cyber Essentials cost?

Cyber Essentials costs start from £320 +VAT if you follow the self-certification route. All certification bodies must charge this same fee. If you want assistance, we can help you through the process. The costs for assistance start from £640 +VAT for our standard assisted package.

+ What does Cyber Essentials Plus cost?

The cost of Cyber Essentials Plus depends on a number of factors. Please contact us for a quote.

+ What is my first step to getting Cyber Essentials?

Contact us at Spritzmonkey and we will be happy to discuss your requirements and talk you through the simple process.

+ How long does it take to get Cyber Essentials certified?

We will assess your self-assessment answers within 48 hours after you submit them. Most customers complete the answers within a few weeks.

+ What are the benefits of Cyber Essentials?

Cyber Essentials has a number of benefits including:

  • Reassure customers
  • Win new business
  • Necessary for some government contracts
  • Clear view of your cyber security level
  • Simple straight-forward process
  • Public recognition

+ What areas of the country do you cover?

We work with customers all over the UK including those in East Anglia, the South East, South West, Midlands, and North of England.

We have also worked with international clients with offices in Europe, Asia and the Americas.

+ How do I choose the right Cyber Essentials certification body?

If you need advice, our friendly knowledgeable consultants will be happy to help you through the process. If you just need the assessment we promise to complete your assessment within 48 hours.

+ Why should I choose Spritzmonkey for my Cyber Essentials?

We have a successful track record of helping many different organisation through Cyber Essentials. If you need advice, our friendly knowledgeable consultants will be happy to help you through the process. If you just need the assessment we promise to complete your assessment within 48 hours.

+ What is Cyber Essentials?

Cyber Essentials is a self-assessment process whereby you submit answers to the questions based on how you are complying. A certification body, such as Spritzmonkey, reviews the answers and if they meet the requirements issue your Cyber Essentials Certificate.

+ What is Cyber Essentials Plus?

Cyber Essentials Plus is a verified assessment. You must first complete the process for Cyber Essentials and then an assessor will visit you and verify that your controls works as required.

+ Does Cyber Essentials expire?

From 1st April 2020 Cyber Essentials and Cyber Essentials Plus certificates expire after 12 months. To maintain certification you have to complete the process annually.

+ How can I persuade senior management to invest in Cyber Essentials?

We would recommend that you focus on the benefits of Cyber Essentials to the business, using language that they understand. Although it is a technical standard, it is best to avoid tech speak. It can also be stressed that Cyber Essentials certification is comparatively low cost.

+ Why has Cyber Essentials been introduced by the Government?

Cyber Essentials was introduced to provide a Government-backed, industry-supported scheme to help organisations protect themselves against common online threats.

+ Where can I find the document which describes the full requirements for the Cyber Essentials scheme?

You can download the requirements from the UK Government website here.

+ Which government contracts will I need Cyber Essentials certification for?

You can see the note to UK Government Procurement Officers which specifies Cyber Essentials mandated in many cases for suppliers to all central government departments here.

From 1st January 2016 the Ministry of Defence mandated Cyber Essentials for all its new suppliers and also their relevant supply chain.

In July 2016 the UK Government Department of Health, National Data Guardian (NDG) published “Review of data security, consent and opt-outs” which recommended that “all health and social care organisations should provide evidence that they are taking action to improve cyber security, for example through the ‘Cyber Essentials’ scheme. The ‘Cyber Essentials’ scheme should be tested in a wider number of GP practices, Trusts and social care settings.” We are now seeing an increasing number of health care organisations being required to have Cyber Essentials or Cyber Essentials Plus for NHS contracts.

+ Does Cyber Essentials have to be renewed annually?

From 1st April 2020 Cyber Essentials and Cyber Essentials Plus certificates expire after 12 months. Therefore to maintain certification you have to complete the process annually.

+ My company isn't based in the UK, can I get Cyber Essentials?

Yes, both IASME Governance and Cyber Essentials (and Cyber Essentials Plus) can be awarded to non-UK companies.