Skip to Main Content
Strengthen your email security practices with 50% off e-learning | Shop now
Cyber Essentials Plus Additional Device Testing

Cyber Essentials Plus Certification - Additional Device Testing

SKU: 4964
Format: Up to an additional 10 devices

Purchase additional device testing for your Cyber Essentials Plus on-site assessment.

Please note: The IT Governance Cyber Essentials Plus service provides an on-site assessment at one location, of one type of user account, on up to ten sample devices. Additional workstations, mobile devices and build types may need to be tested to meet the sampling requirements of the scheme. . This package is only required if we need to test more than ten devices.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

Price: 1.374,00 €
ex. VAT


Product overview

Cyber Essentials Plus involves a technical audit of the systems that are in scope for Cyber Essentials. This includes a representative set of workstations, mobile devices and build types used by the organisation’s end users to complete their day-to-day duties. The number of builds is defined by the number of configurations of operating system and software suites installed. If more than one browser or Office suite is used, each variant will need to be tested. If they are installed on the same build, this is acceptable.

This technical audit involves an assessor visiting your office to conduct the tests. This testing can be conducted remotely in some instances.

Each package provides up to an additional 10 devices for testing. We may schedule additional assessors, or additional days to ensure enough time is allowed to complete all required tests.

The prerequisites for testing

The duration and number of locations that must be included in the internal testing depend on the number of builds of user devices (including BYOD) that are within the scope of the certification.

The number of locations to be tested depends on whether all the different builds can be tested in one location. It is permissible to arrange a build to be delivered to a particular site for testing purposes, even if it is not normally deployed there, providing it accesses the Internet in its usual manner.

The number of builds is defined by the number of configurations of operating system and the suite of software installed.

Examples of relevant software include:

  • Operating System including version number
  • Oracle Java
  • Adobe Acrobat
  • Microsoft Office
  • Adobe Flash
  • Browsers
  • Antivirus solution 

Test requirements

  • All user devices for testing, including mobile and BYOD, must be available for testing.
  • Local user accounts with username and password must be available for each user group in scope.
  • Internet access from the devices being tested must be able to receive emails from our test domain and be accessible by our test web server (
  • Details of a user email account per user group being assessed must be provided.
  • Workstation builds must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software, and details of the account to be used.
  • Remote registry must be enabled on the workstation builds, and no global policies that block the authenticated vulnerability scan are permitted.


  • This product is supplementary to the Cyber Essentials Plus certification service provided by IT Governance.
  • This product cannot be purchased unless the Cyber Essentials Plus certification service is being provided by IT Governance.
  • Each additional package provides up to 10 additional devices as part of the internal assessment for Cyber Essentials Plus and cannot be carried forward to other on-site engagements.
  • We may provide additional assessors during a one day onsite, or additional day (s) of on-site or remote testing.

Customer Reviews