Security Testing

Cyber Essentials Plus Certification

CE_logo_affiliated_hi_res

The Cyber Essentials Plus Certification is the second level of the Cyber Essentials scheme and requires technical verification of the information supplied in the self-assessment questionnaire.

To download a copy of our self-assessment questionnaire for single employee companies, please click here.

To download a copy of our self-assessment questionnaire for all other businesses, please click here.

The technical verification will cover the external Internet presence of the organisation as well as an element of on site testing.

One of our assessors will work with you to confirm the scope of the technical verification based upon the output of the self-assessment questionnaire.

All of our assessors are information security professionals who also work in the field of security testing and have an in-depth understanding of technical vulnerabilities. This knowledge will enable our assessors to review the organisation against the CE+ standard.

Technical Verification can cover the following areas depending on agreed scope:

  • Firewall and boundary gateways
  • Internet exposed services
  • Web applications
  • Secure configuration of servers and workstations
  • Patch Management
  • Mobile review
  • Review of access control measures
  • Review of malware protection
  • Exposure to phishing attacks

The process for gaining Cyber Essentials Plus Certification is as follows:

  • Download and complete the self-assessement questionnaire.
  • Arrange with the 7 Elements team to return an encrypted copy of the completed self-assessement questionnaire and where applicable supporting evidence.
  • On receipt of the completed questionnaire one of our qualified assessors will verify your responses against the Cyber Essentials Scheme. If we require further information our assessor will contact you.
  • Once our assessor is satisfied that your questionnaire meets the required standard we will progress with scoping the technical verification stage.
  • 7 Elements will then deliver the external and internal technical verification stage.
  • Once our assessor is satisfied that your technical verification and questionnaire meets the required standard we will pass your information onto our accreditation body who will issue you with a Cyber Essentials Plus certificate.
  • Where an organisation does not meet the required standard, 7 Elements will inform you of the outcome.

Please contact us to discuss your Cyber Essentials requirements in more detail.