- Management Standards
- Certified Companies
You have landed on this page because you are a government department and you are looking at implementing Cyber Essentials for your department.
As a government department your greatest challenge will be scoping your boundary. You can be certified as individual departments if you have a physical boundary to your larger departments infrastructure. As an easy rule of thumb if the larger infrastructure is infected by ransomware such as Cryptolocker would it infect your departments system. If it would you will need to either add hardware or re-define your scope.
To obtain your level 1 cyber essentials certificate you are required to provide evidence, to an accredited certification body, that you meet the Cyber Essentials Requirements. We have made this easy for you by providing a standard questionnaire that asks you the relevant questions, you’ll need to attach some evidence so we’ve provided some guidance notes for you to follow. On completing the questionnaire to the satisfaction of your chosen certification body you will be awarded your Cyber Essentials Certificate.
You can choose your certification body and complete a word doc/pdf here or
If you’d prefer to use an online portal to present your evidence you can choose one here. (the questions are the same)
You may require further assurance that you meet the requirements of Cyber Essentials. This is called Cyber Essentials PLUS and involves an audit at your authority, some technical testing as well as the completion of your questionnaire. As this level of assurance needs a site visit costs can vary, so be sure to request quotes from more than one CE + certification body. All CE +certification bodies test to the same specification and are monitored by ourselves.
If you require assistance you can call on Accredited Cyber Essentials Practitioners to help you implement the requirements. Many already work in government departments and are familiar with your infrastructure.