Cyber Essentials PLUS

The technical work required of the assessor makes CE+ more expensive for the organisation, who has much less to do

Instead of relying only on a self-assessment questionnaire, the CE+ process uses NCSC authorised software tools on the organisation's network

Such tools physically verify that the security controls declared are actually implemented and working effectively across your organisation’s systems and devices.

Organisations must already hold a valid Cyber Essentials certificate issued less than 90 days before the CE+ is issued. Otherwise, CE will have to be repeated.

The Audited version of Cyber Essentials (for the business that wishes to prove it!)

The technical work required of the assessor makes CE+ more expensive for the organisation, who has little more to do (assessor checks against questionnaire)

The CE+ process uses NCSC authorised software tools on the organisation's network and compares results with the questionnaire.

Such tools physically verify that the security controls declared are actually implemented and working effectively across the organisation’s systems and devices.

Organisations must already hold a valid Cyber Essentials certificate issued less than 90 days before the CE+ is issued. Otherwise, CE will have to be repeated before CE+ assessment.

Key Points

Achieve Cyber Essentials.
As quickly as possible afterwards, engage with a Certification Body authorised to conduct CE+, working directly with an approved assessor (Regola use authorised specialist partners).
Assist as required with the Technical Security Audit. Approved vulnerability testing tools are used to assess your systems and confirm controls are active and effective.
Review & Feedback: Any issues found are discussed, and organisations may receive guidance to address them.
Issues, compared with CE responses are addressed.
Certification Awarded

The Process

Get Started Today

Protect your business and gain a competitive edge over market rivals with a Cyber Security certification. Why wait?