Reading Time: 4 minutes

Preparing for Cyber Essentials

2nd January 2024 | Modified: 3rd January 2024

Categories: How-to guide

Reading Time: 4 minutes

Table of Contents

This guide is intended to set out the process of preparation and gaining the Cyber Essentials and/or Essentials Plus certification.

By attaining Cyber Essentials certification, your organisation demonstrates a commitment to cybersecurity best practices, instilling confidence in your clients.


This certification serves as tangible evidence of an organisation’s dedication to securing sensitive information, fostering trust in an era where data security is paramount.


Additionally, Cyber Essentials serves as a proactive approach to compliance with data protection regulations, helping organisations avoid legal and financial consequences associated with non-compliance.

Summary of Certifications


This is the self-assessment which involves hitting the criteria set out by IASME which can be found here.


CNC will help you meet these criteria and then fill out the online form to gain certification


This expands on the above and requires the organisation to have already successfully passed the Cyber Essentials certification. An auditor will remotely scan several machines, servers and your public IP addresses to confirm your network meets Cyber Essentials criteria


Both Cyber Essentials certificates are concerned not only with the hardware and software being used by your company, but also the processes in place for managing the risk posed by Cyber Criminals.


Within your company policy you must have the following set in order to be compliant with the criteria, if you need assistance in the wording of these policies we can assist during your assessment


  • Password Policy
  • Internet Usage Policy
  • Data Protection Policy
  • A structured Starter and Leaver Policy
  • Business Case for Remote Working i.e. Remote Desktop Access, VPN etc
  • Home Worker Policy
  • Mobile Device Management Policy.

Your Responsibilities

For CNC to be able to complete the accreditation smoothly, you will need to provide certain information in advance.


We will be sending these questions out before having a remediation meeting. It is expected all these questions be answered before the meeting to ensure a smooth certification process.

Remediation Meeting

CNC will gather all information required for any remediations required before our meeting. Proposals for the remediation work will be submitted to you and require to be signed off.


Many of the remediation will require downtime to your network so may be best done out of business working hours. This will all be agreed within our remediation meeting.

The Process Undertaken by CNC

Once the remediations have been signed off we can start work on your network. The vast majority of the work can be done in the background without any disruption.


Some of the work will require you to make sure your mobiles are up to date as well as updating any policies that require amendments. The self-assessment is then completed by CNC and upon completion you shall be provided with the Certificate.

Cyber Essentials Plus

Once you have gain Cyber Essentials you can then apply to do Cyber Essentials Plus. You have to pass CE Plus within 3 month. As the standards of Cyber Essentials and Plus are the same there should be no significant work required to your network at this point.


The Assessor will arrange a time and date with random members of staff to check over their computers aswell as ask them a few security questions. Once this is complete they will provide a report if any parts of the network needs updating/changing in order to pass CE plus.

In Conclusion

In conclusion, Cyber Essentials certification plays a pivotal role in safeguarding organisations against the ever-evolving landscape of cyber threats. As businesses increasingly rely on digital technologies, the need for robust cybersecurity measures becomes imperative to mitigate the risks associated with data breaches, financial losses, and reputational damage.


Cyber Essentials provides a structured framework that assists organisations in establishing fundamental cybersecurity practices, ensuring a baseline level of protection against common cyber threats.


Furthermore, Cyber Essentials is not merely a one-time achievement but an ongoing process that encourages a culture of continuous improvement in cybersecurity practices. As threats evolve, maintaining Cyber Essentials certification ensures that organisations stay resilient and adaptive in the face of emerging challenges. Ultimately, the importance of Cyber Essentials certification lies in its role as a foundational step towards building a cyber-resilient organisation in an interconnected and digitally-dependent world.

Preparing for Cyber Essentials

By Paul Stephenson

Paul has spent his career working in IT and telecoms across a variety of business sectors. He has a passion for training and imparting knowledge to people guiding them to use their systems in the most effective way.

More info?

Would you like our sales team to help with your cyber security?