Cyber Essentials packaged solutions
IT Governance’s fixed-price solutions can help you achieve certification to either Cyber Essentials or Cyber Essentials Plus at a pace budget that suits you.
All Cyber Essentials certifications are managed through our CyberComply online portal. This is a unique online service that enables companies to follow a convenient do-it-yourself approach, including managing and tracking the certification process.
*All of our packages include an external vulnerability scan that covers up to 16 IP addresses.
Please view the individual product pages for further details about specific testing requirements and conditions.
Alternatively, email us or call 1 877 317 3454 for a custom quote.
Which package should you choose?
Do It Yourself (DIY)
Choose this solution if you are comfortable carrying out the Cyber Essentials preparations yourself. With this option, you can submit the self-assessment questionnaire (SAQ) and undertake the assessments once you are ready for certification.
Get A Little Help (GALH)
We recommend this option for organizations that are confident they have the skills to reach Cyber Essentials certification but need a little guidance to point them in the right direction
Get A Lot Of Help (GALOH)
This option is an all-inclusive package for large organizations with complex organizational structures, or organizations that have no prior experience implementing an information security management system.
Cyber Essentials provides a basic level of cybersecurity; if you are interested in progressing to a more advanced stage of information security by implementing a holistic information security management system, you can discover more by reading about ISO 27001 and the Cyber Essentials scheme >>
Cyber Essentials package extras
Cyber Essentials Vulnerability Scan Additional IPs
If you have more than 16 IP addresses, you will need to expand your external vulnerability scan to account for them. These are purchased in blocks of 16 IP addresses.
Live Online consultancy is ideal for companies that are uncertain about the requirements of the scheme, which option to choose, or how to define the scope of the certification.
Cyber Essentials Plus Health Check
This custom, on-site, one-day service is designed for larger organizations with more complicated networks and scoping needs, and will assess your current environment against the requirements of Cyber Essentials Plus.
This toolkit includes all the necessary work procedures and processes for ensuring that the controls you implement are effective.
Cyber Essentials Gap Analysis Tool
This tool enables you to identify the controls that you need to put in place in order to meet the requirements of the Cyber Essentials scheme and monitors your progress towards compliance.
Available in multiple formats.
Cyber Essentials – A Pocket Guide
If you are completely new to the Cyber Essentials scheme, we recommend reading Cyber Essentials – A Pocket Guide. It is a non-technical explanation of Cyber Essentials, making it easy for anyone to understand the scheme and how to meet its requirements.
Available in multiple formats.
Package contents explained
All companies that meet the requirements of Cyber Essentials or Cyber Essentials Plus will be certified by IT Governance, which is a CREST-accredited Cyber Essentials certification body.
All our Cyber Essential packages include an external vulnerability scan. This is an additional service that independently verifies the security status of each company that undergoes Cyber Essentials certification through us. Non-CREST-accredited certification bodies may not offer this service.
Cyber Essentials documentation toolkit (Back to table)
The Cyber Essentials documentation toolkit includes all the necessary customizable policies and procedures to meet the Cyber Essentials requirements. The templates include guidance on correctly implementing and maintaining your cybersecurity controls.
If you need guidance or just peace of mind on any part of the Cyber Essentials certification process, then our Live Online consultancy is perfect for you. Our team of consultants provide expert advice.
One day of on-site consultancy (Back to table)
On-site consultancy is conducted by an expert cybersecurity practitioner. They will provide guidance on completing the self-assessment questionnaire—and how to implement the five controls required by the scheme—and will help define the scope for certification.
The on-site assessment is a requirement for all companies wishing to achieve Cyber Essentials Plus. We will visit your office(s) and thoroughly check whether the solutions you have put in place comply with the control requirements.
The internal vulnerability scan is a requirement for all companies wishing to achieve Cyber Essentials Plus. It involves a scan of your in-scope internal network, with a focus on workstations and mobile devices. It aims to find out whether the Cyber Essentials controls have been properly implemented and to check that known vulnerabilities have been addressed.
Other products you might be interested in: