Cyber Essentials Plus
Effective cyber security control

Implement effective cyber security controls to drive business efficiency, save money and improve productivity.

Cyber Essentials Plus will help you to enhance your organisation’s reputation and win more business by demonstrating to customers and other interested parties that you take the security of their information seriously and have taken the necessary steps to reduce cyber threats.

WHite laptop with black keyboard on white surface

What is Cyber Essentials Plus?

Cyber Essentials is for all organisations, whatever sector you’re in. Implementing these controls will help your organisation defend against the most common forms of cyber-attack.

Additionally, If you intend to apply for government contracts, achieving a Cyber Essentials Certification is often a mandatory requirement.

The Scheme itself focuses on Internet-originated attacks against an organisation’s IT system, based on five key security controls.

  1. Boundary firewalls and internet gateways – these provide a basic level of protection where a user connects to the Internet. A firewall will help to keep attackers or external threats from getting access to your system.

  2. Secure configuration –systems need to be configured to ensure that the current design and build state of the system is known, good & trusted.

  3. Access control – it is important that only the appropriate personnel have access to systems and at the appropriate level.

  4. Malware protection – this doesn’t just protect you against viruses, worms and key loggers, but also nuisance programs. It is important that virus and malware protection is installed and is kept up to date.

  5. Patch management – managing upgrades for software applications and technologies. A patch management plan can help you handle changes efficiently, ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor been applied.

By choosing us to assist you with implementing the appropriate cyber security controls, you will benefit from support and advice throughout the process, an internal assessment of your cyber security processes and an onsite technical vulnerability scan of your devices.

When implemented correctly, the Cyber Essential Plus scheme will help you to improve business efficiency, save money and increase productivity.

Here are the top benefits of using the Cyber Essentials Plus framework:

  1. Implement recognised, best-practice security controls to protect against cyber-attacks

  2. Reduce the cost of insurance premiums, through participating insurers

  3. Improve customers confidence by demonstrating that you are a responsible company with a commitment to security

  4. Protect your company’s reputation by reducing the likelihood of a cyber attack occurring

  5. Improve your organisation’s ability to win more contracts by meeting Government tender requirements

How much does Cyber Essentials Plus cost?

  • Product of Interest

  • Company Information

  • Contact Details

  • Product of Interest

  • Company Information

  • Contact Details

  • Product of Interest

  • Company Information

  • Contact Details

Frequently asked questions

What is Cyber Essentials Plus?

What is the difference between Cyber Essentials and Cyber Essentials Plus?

How long does it take to get Cyber Essentials Plus?

How can we help your business?

We get your business set up for success:


Our team of consultants has provided GDPR assessments to clients ranging from SMEs to blue chip organisations across a broad spectrum of verticals and industries.


Our processes add value at every stage, without taking up unwarranted management time. We commit to providing you with the best possible value for money – including a price promise from the outset, along with the ability to stagger payments at no extra cost.


We make the process as smooth and uncomplicated as possible, and ensuring you get the training and advice that works for you.

How have businesses benefited from Cyber Essentials Plus?

Youtube logo YouTube logo

    [The Consultant] was a pleasure to meet, he was extremely helpful and explained everything clearly to us. I'm looking forward to meeting him again.
    Lucy Bray, AGS Ground Solutions Limited

    I was pleasantly surprised by the ISO 27001 process as our consultant documented our ISO 27001 security controls after having discussed each element to ensure the controls were relevant and appropriate for our business.
    Roger Haddon, Managing Director, Knowledge Powered Solutions Limited

3 Steps to Certification

With our help, the certification process can take as little as 45 days to complete

Getting to grips with the gaps

We’ll spend some time with you carrying out a gap analysis to see how your current processes and procedures match up to the requirements of the ISO Standard. And we’ll collect details of the areas that already do so we can create your bespoke management system for you in our smart online hub, Atlas.

3 Step Certification

Getting up to Standard

Now it’s time to make any changes. With handy reminders to help you keep on track of tasks and editable templates at your fingertips, you can make sure all the records you need are in place to achieve certification.

3 Step Certification

Getting ISO certification

An ISO auditor will check you’ve addressed any gaps correctly and that you’re following the documented processes. Once everything is in place, you’ll be recommended for certification. Your new certificate and certification marks will be ready to download from Atlas.

3 Step Certification

Cyber Essentials Plus resources

    Guide to ISO certification

    Why you should choose us to assist your business with ISO certification

    Scheme Overview: Cyber Essentials Plus

    Overview of the Cyber Essentials Plus scheme

    Understanding the Basics of Cyber Essentials Plus

    Guide to Information and Cyber Security

    A visual guide to the areas covered by each of the information security products

    A visual guide to the areas covered by each of the information security products

    Overview of our Cyber Essentials Offering

    Overview of the different options available for our customers looking to implement the Cyber Essentials Scheme

    What Information Security Products are available?

    The Citation ISO Certification suite of information security products

    Company Profile

    Find out about us, our achievements and some of our clients

Latest Cyber Essentials Plus news

At Citation ISO Certification we are constantly updating our approach and process to meet the latest changes in how ISO certification works.

    ISO 9001 Processes, Procedures and Work Instructions

    ISO 9001 processes and procedures are integral to managing the requirements needed to meet the criteria outlined in the ISO […]


    Make change that lasts this Mental Health Awareness Week

    Make change that lasts Let’s face it, many businesses view mental health initiatives as a nice thing to have rather […]


    A Guide to ISO Non-conformance

    ISO non-conformance is the failure to meet one or more of the requirements outlined in management standard criteria. Whether it’s […]



QMS International use cookies to provide you with a better site experience, enable features and to help us understand how our website is being used.

By continuing, you consent to the use of cookies in accordance with our Cookie Policy

Allow All Cookies

Allow Strictly Necessary Cookies Only