How do I get Cyber Essentials certification?
Whether you choose Cyber Essentials or Cyber Essentials Plus, you need to appoint a Certifying Body to carry out the assessment. All CREST Certifying Bodies use the CREST Questionnaire and you can download a copy here, to give you a feel for what the Standard: CREST Cyber Essentials Questionnaire V3.1
There are a number of suppliers that you can select but value will be gained by appointing one who is certified and possesses accredited consultants because it is the combination of these features that will provide an organisation with the greatest assurance and confidence that an effective assessment has been performed in the most professional manner.
Many organisations, however, face a challenge in identifying trusted suppliers that have access to competent, qualified experts. CREST is a not-for-profit accreditation body whose role is to create and maintain high standards within the cyber security sector and to drive a consistency of quality across its member organisations to offer assurance to the buying community. Any organisation procuring Cyber Essentials services can rest assured that CREST Cyber Essentials Certifying Bodies have:
- Demonstrated appropriate levels of quality assurance processes, security controls, security assessment methodologies and met additional qualification criteria;
- Proven access to technically competent and qualified staff;
- Committed to abiding to the requirements of Certification Bodies for Cyber Essentials;
- Signed an enforceable Code of Conduct.
You will find a list of the CREST approved Cyber Essentials Certifying Bodies here along with their office locations to help you select the right one for you.