What are Certifying Bodies?
With threats constantly evolving, most organisations require professional help to mitigate cyber risk and to implement the right levels of cyber security. However, many organisations are challenged to identify trusted suppliers that have access to competent, qualified experts.
CREST is a not-for-profit industry body, whose role is to create and maintain high standards within the technical information security industry, and to drive a consistency of quality across its member organisations. Any organisation that is procuring Cyber Essentials services can therefore rest assured that CREST Cyber Essentials Certifying Bodies have:
- Demonstrated appropriate levels of quality assurance processes, security controls, security assessment methodologies and met additional qualification criteria.
- Signed a Code of Conduct.
- Proven access to technically competent and qualified staff.
- Committed to abiding to the requirements of Certification Bodies for Cyber Essentials.
In addition to the Cyber Essentials certification services, CREST Cyber Essentials Certifying Bodies provide a range of services to help organisations better manage their cyber security risks. These services include:
- Penetration testing
- Security audit and compliance
- Security policy
- Security architecture
- Cyber security incident response.