Moves beyond self-assessment
A qualified assessor tests your controls in practice — not just reviews your answers. The result is a higher standard of independent verification.
Cyber Essentials Plus
Cyber Essentials Plus builds on your existing Cyber Essentials certification by adding independent technical verification that your security controls are actually functioning, not just documented.
Cyber Essentials must already be in place before CE+ can begin. The Cyber Essentials Plus assessment must also be completed within 3 months of the issue date of your Cyber Essentials certificate. If your certificate is approaching that window, check your dates before ordering.
What it is
Cyber Essentials Plus builds directly on the standard Cyber Essentials certification. Where the base certification is a self-assessment, CE+ adds a layer of independent technical checking — an assessor verifies that the five controls are actually configured and operating as they should be, not just answered correctly on a questionnaire.
For clients, insurers, and procurement teams that need stronger evidence of security posture — not just a certificate — CE+ provides that additional level of assurance.
A qualified assessor tests your controls in practice — not just reviews your answers. The result is a higher standard of independent verification.
For clients and procurement teams, CE+ gives a clearer, more defensible signal that controls are actually working.
For most businesses, CE+ is the natural progression once Cyber Essentials is achieved — building directly on the same controls and framework.
Ready to move forward?
Available to order online for micro to medium organisations. Check your Cyber Essentials certificate date is within the 3-month window before purchasing.
Fixed price · No retainer required