Skip to Main Content
Important information: Potential delay on shipment of physical goods. Read more
Cyber Essentials Plus - Get A Little Help

Cyber Essentials Plus - Get A Little Help

SKU: G4501
Format: Certification (online purchases only)

This service will help you achieve IASME-licensed Cyber Essentials Plus certification with a little help from us. It is conducted online and includes:

  • IASME certifications for Cyber Essentials and Cyber Essentials Plus, upon successful completion of all elements;
  • A Cyber Essentials documentation toolkit, providing all the policies and procedures you need;
  • Up to 2 hours’ Cyber Essentials remote consultancy support;
  • Access to the IASME portal where you will submit your self-assessment questionnaire (SAQ).
  • A precheck of your answers by one of our security experts prior to submission, to ensure you have met the minimum compliance requirements;
  • An on-site assessment and an internal vulnerability scan;
  • An external vulnerability scan; and
  • A certification guarantee.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

Price: 2.589,00 €
ex VAT

The Get a Little Help package

Our Get A Little Help package has been created for organisations with some experience of information security and the five key controls required for certification, but may need assistance defining their scope and answering the IASME questionnaire.

What's included in the Cyber Essentials Plus Get a Little Help package?

Cyber Essentials certification and precheck & Cyber Essentials Plus certification

  • A precheck of your Cyber Essentials questionnaire answers by one of our security experts, to ensure you have addressed all compliance requirements.
  • Access to the IASME portal where you will submit your self-assessment.
  • External vulnerability scans;
  • Internal vulnerability scans;
  • An on-site assessment; and
  • Your Cyber Essentials and Cyber Essentials Plus certificates.

Cyber Essentials Toolkit

The most important aspect of your CES documentation is that it must be your own work and in your own words. You will need to complete the documents in the toolkit to reflect your organisational culture, your processes and your technologies.

  • Designed to reflect the requirements of the Cyber Essentials Scheme
  • Built on expert knowledge from numerous cyber security implementation projects
  • Ensure that the controls you are implementing are aligned to the requirements of the Cyber Essentials Scheme

Cyber Essentials Remote Support – 2 hours

This Cyber Essentials Remote Support service provides up to two hours of support via telephone, email or Microsoft Teams. It is ideal for organisations not certain about the requirements of the scheme, which option to choose, or how to define the scope of the certification.

Scans & on-site assessment

Your bundle will also include the following:

  • External vulnerability scan;
  • Internal vulnerability scan; and
  • On-site assessment.

How the application process works

  • We send you access details for the IASME Cyber Essentials portal via email.
  • We contact you to book your Cyber Essentials Remote Support.
  • You log onto the IASME portal where you will define your scope for testing, complete and submit the SAQ.
  • We review your assessment and provide feedback on whether it meets the requirements of the Cyber Essentials scheme.
  • Subject to a positive outcome, we issue your Cyber Essentials certificate.
  • Once Cyber Essentials certified, you schedule your on-site assessment, which will include the internal vulnerability scan.
  • We will conduct the on-site assessment and perform the necessary internal scan on a sample of your Internet-facing devices. · We will provide the results of the internal scan and on-site assessment. If there are nonconformities, we will also provide feedback to help you understand how to close these gaps and achieve certification.
  • We schedule your external vulnerability scan.
  • Subject to a positive outcome, you receive your Cyber Essentials Plus certificate.

See what our customers think about this service

“Our consultant, Terry Norton, was professional throughout and clearly had a very good knowledge of the standard and the testing, being able to help our IT Administrator ensure the relevant audit tools were installed correctly. We also found Terry friendly, patient and helpful, which is very important for remote sessions.”

- Peter Hodgson, Viewpoint Construction Software Limited


“Professional and supportive, great customer service. Maintained a dialogue without making the candidate feel under pressure with the process. Supportive throughout.”

- Rowan Irwin, T-Systems Limited


Benefits of Cyber Essentials Plus certification

Secure the supply chain

The ICO (Information Commissioner’s Office), whose job it is to uphold the EU GDPR in the UK, recommends Cyber Essentials as “A good starting point” for the cyber security of the IT you rely on to hold and process personal data.

Secure more business

If you would like to bid for central government contracts that involve handling sensitive and personal information or the provision of certain technical products and services, you will require Cyber Essentials certification.

Work with the UK government & MoD

Cyber Essentials Plus will give you the opportunity to work with the UK government and MoD.

Reduce cyber insurance premiums

Cyber insurance agencies look more favourably on organisations that have achieved Cyber Essentials certification.



Cyber Essentials Plus involves a technical audit of the systems that are in scope for Cyber Essentials. This includes a representative set of workstations, mobile devices and build types used by the organisation’s end users to complete their day-to-day duties. The number of builds is defined by the number of configurations of operating system and software suites installed. If more than one browser or Office suite is used, each variant will need to be tested. If they are installed on the same build, this is acceptable.

  • This package includes on-site testing at one location, of one type of user account, on up to ten sample devices. Additional workstations, mobile devices and build types may need to be tested to meet the sampling requirements of the scheme. If you require more than ten end-user workstations to be tested, you will need to purchase Cyber Essentials Plus Additional Device Testing. This testing can be conducted remotely in some instances.
  • The package includes a free vulnerability scan for up to 16 IP addresses. If you have more than 16 IP addresses, you will need to purchase additional IP packages in packs of 16. If you fail your external scan, a rescan will need to be purchased, plus any additional IP packages that you need to cover only the failing IP addresses if completed with 14 days of the first passing element.
  • If your business is located outside mainland UK or Northern Ireland, additional expenses will be charged to accommodate our consultant’s travel time and costs for the on-site assessment. These will be billed separately.
  • If you are not successful on your first submission for Cyber Essentials, you have two working days to submit a further attempt for certification. If you are not successful on your second submission, you will be required to wait one month before reattempting at the cost of a new application.
  • If your Cyber Essentials Plus application is unsuccessful, your Cyber Essentials certification may also be revoked.

Test requirements

  • All user devices are subject to testing and will be agreed upon before the testing date, including mobile and BYOD (bring your own device), and must be available for testing.
  • All devices within the scope of testing must be user devices and cannot be built specifically for testing.
  • A local user account with username and password must be available for each user group in scope.
  • Devices must have Internet access, allow emails from our test domain and be accessible by our test web server (
  • You must provide details of a user email account per user group being assessed.
  • Workstation builds must be configured to allow an authenticated vulnerability scan that will determine patch and version numbers of installed software, and you must provide details of the user account to be used.
  • Remote registry must be enabled on the workstation builds, and no global policies that block the authenticated vulnerability scan are permitted.

Customer Reviews

This website uses cookies. View our cookie policy.