Preparing for Cyber Essentials PLUS certification.

In addition to providing a sound foundation to build on, Cyber Essentials PLUS certification demonstrates to your customers, suppliers, and other parties (such as your insurers) that you have taken precautions to reduce your information security risks.

Since October 2014, Cyber Essentials has been mandatory for suppliers of government contracts, which involve handling personal information and providing some ICT products and services.

Cyber Essentials

Systems are self-assessed by the organisation by completing a questionnaire with the responses independently reviewed by an external certifying body.

Cyber Essentials PLUS

Cyber Essentials PLUS certification can be difficult to achieve without the correct preparation.

Systems are required to be assessed by an external certifying body, using an additional set of tools and techniques to ensure that information risk management has become integral to the organisation’s approach.

What are the requirements?

The Cyber Essentials PLUS assessment ensures your organisation meets the 5 technical controls to guarantee a good practice of information governance.

Secure configuration

To help prevent unauthorised actions by exploiting insecure configurations.

Boundary firewalls & internet gateways

To ensure effective perimeter protection, determining and controlling access permissions.

Access controls

Restricts access to the necessary minimum or users, while managing and controlling admin rights permissions.

Patch management

Hackers commonly exploit known vulnerabilities. Ensures security patches are up to date and that they are fully deployed across your organisation.

Malware protection

Malware protection helps to identify and prevent/remove any potential threats from malicious software.

For certification, you will be required to supply various forms of evidence to determine that your organisation meets all necessary requirements.

How does Comtact help?

Comtact's Cyber Essentials PLUS readiness service prepares and advises you on the improvements required to standards for Cyber Essentials PLUS certification.

To assist, we have produced a handy guide to help you complete the Cyber Essentials questionnaire.

Cyber Essentials questionnaire guide

ARTICLE

Cyber Essentials vs Cyber Essentials PLUS: What's the difference?

Read more

LEARN

What is a Vulnerability Scan and why does my company need one?

Read more

Subscribe and keep your knowledge up to date.