Cyber Essentials Scheme


Cybercrime appears in the news on an almost daily basis – but it’s not just the large organisations that are at risk. If you are in business and online – you are a target.

That’s why you need Cyber Essentials – which is part of the HMG push to improve cyber security within the UK. Obtaining Cyber Essentials will protect your business from cyber threats and you’ll also gain valuable certification.

What’s more, it could already be mandatory. If you are a supplier to government and you hold or have access to government information, as of October 2014, with some exceptions, new contracts require your company to have Cyber Essentials certification. Non-compliance puts your business at a serious commercial disadvantage.

Suppliers to the MOD also need to obtain Cyber Essentials certification for MOD contracts advertised from 1st January 2016. This applies where contracts involve the transfer of MOD identifiable information from customer to supplier, or the generation of information by a supplier specifically in support of the MOD contract.

The Cyber Essentials certificate must be in place by the contract start date at the latest, and will be reviewed annually. This requirement must be flowed down the supply chain.


The Cyber Essentials Scheme sets out an organisational cyber security standard that, if applied appropriately, will protect businesses from the vast majority of low level basic cyber threats.

Cyber Essentials focuses on 5 key areas – firewalls, secure configuration, access controls, malware and patch management. It includes an Assurance Framework enabling businesses to obtain Cyber Essentials certification.


Businesses can become certified at 2 levels: Cyber Essentials and Cyber Essentials Plus. Please download our Guide to Cyber Essentials for full details of each.

In addition to the Cyber Essentials certification route, which focuses on the 5 key technical areas, companies can obtain certification to the IASME (Information Assurance for Small and Medium Enterprises) standard, which includes aspects of basic information security governance.

The following table shows the three routes to certification available through Ascentor, including the IASME standard.

Cyber Essentials Cyber Essentials with IASME Supported Cyber Essentials or Cyber Essentials with IASME Cyber Essentials Plus
£300 £400 £1200 £1500*
Call us to get you set up with access to the online questionnaire Call us to arrange a site visit and we will set you up with access to the online questionnaire Call us to discuss your requirements, identify the scope of the assessment and arange a site visit
You make payment and receive login details At the site visit we talk you through the questions and help you fill out the questionnaire We carry out the Cyber Essentials Plus assessment against the agreed scope
You complete the questionnaire at your convenience A Certification Body will review the answers and award the requisite certificate(s) If successful, we award you a Cyber Essentials Plus certificate
We validate the answers and if successful, issue you with the requisite certificate(s) We invoice you We invoice you
For more information contact us

*If the assessment is for one site with up to 16 IP addresses and less than 250 staff the cost is £1500

Next Steps

To arrange a chat with our qualified Cyber Essentials assessors to discuss the merits of the various Cyber Essentials options, please complete the enquiry box or call 01452 881712 or email [email protected]

Further useful links:

Email Ascentor Image Map