Cyber Essentials

Super fast turnaround, if this is urgent we can get you certified in as little as 24hours. DXR offer a Cyber Essentials certification package for your needs. Basic package if you require no assistance during the process and fully understand the requirements. Choose ‘Pass First Time’ if you would like help filling out the questionnaire along with free re-tests of the external vulnerability scans and questionnaire, in the event of a failure. Contact us for pricing on the Cyber Essentials PLUS, we can offer bespoke packages tailored to your needs to ensure a smooth and fast certification process.

Cyber Essentials

You require no assistance to pass.
Re-test fees apply upon failure.

      • Cyber Essentials self assessment questionnaire issued to client.
      • Upon completion DXR will assess the responses against the CE marking scheme.
      • Internet Facing Systems will be subject to an external vulnerability assessment
      • Cyber Essentials Certification [If achieved] delivered to the client. Usually within 24 hours of receiving the completed questionnaire.
      • If certification criteria are not met, your assessment will be marked as failed with CREST or IASME. Feedback on failed sections will be provided.
      • Any subsequent re-tests will be chargeable.
      • £300 ex VAT Per assessment
      • Pay via Invoice or instantly with PayPal

Cyber Essentials
‘Pass First Time’

Full email/phone support.
Re-tests included until success

  • Everything Included in the Basic Package with..
  • Letter of intent provided to evidence commitment to certification.
  • Unlimited remote support and assistance from our Cyber Essentials experts.
  • Questionnaire pre-screened, prior to final submission.
  • Additional assistance provided for the entire Self Assessment Process, ensuring a first time pass
  • Two week grace period to remediate potential issues [If Applicable]
  • Free re-test once issues have been fixed [If Applicable]
  • Cyber Essentials Certification delivered to the client, usually within 24 hours of receiving the completed questionnaire.
  • £500 ex VAT Per assessment
  • Pay via Invoice or instantly with PayPal

Cyber Essentials
‘Pass First Time’

Bespoke packages available.
Fast and Easy route to CE+ Certification.

  • Everything Included in Cyber Essentials Pass First Time with…
  • Letter of intent provided to evidence commitment to certification.
  • Onsite workstation/device pre-assessment & gap analysis by one of our Cyber Essentials consultants.
  • Any required changes presented to the client ensuring a first time pass
  • Two week grace period to remediate potential issues.
  • Comprehensive On-Site Security Assessment of your workstations and mobile devices
  • Malicious email delivery testing
  • Final Cyber Essential Report and Cyber Essentials PLUS Certification issued
  • Click HERE for more information or click below for a quotation.
Why You Need
Cyber Essentials

Secure & Certify your organisation to
government approved standards.

Cyber Essentials demonstrates that your organisation is security conscious. It shows you value the importance of taking measures to secure your customers data. Being Cyber Essential certified gives assurance to your customers as you are in compliance with a Government Recognised level of information security. Cyber Essentials helps implement basic, yet crucial information security measures within your organisation.

  • Demonstrate to customers your commitment to security
  • Defend your organisations critical data against prevalent cyber threats
  • Ensure you company retains a sound reputation
  • Enable your organisation to bid for Government contracts

DigitalXRAID are an official Cyber Essentials certification body, we will help you achieve certification quickly and efficiently.

Quote Me.


Boundary Firewalls


Secure Configuration


Patch Management

Cyber Essentials


Malware Protection


Access Management

How can DigitalXRAID help
me achieve certification?

DigitalXRAID are Security Specialist with years of experience in helping large and small companies understand their responsibilities for securing data assets, increasing organisations security position and reducing exposure to Cyber Crime. We are a CREST and IASME accredited Cyber Essentials certification body. We will help you to conduct your assessment, report the outcome to the Accreditation Body and supply you with your certificate. We also provide consultancy services to help improve your cyber/information security practices should this be required. The Cyber Essentials standard gives DigitalXRAID clear objectives: to follow specific grading criteria and report all passes and fails to the Accreditation Body.

Quote Me.

About Cyber Essentials

Cyber attacks commonly exploit basic, easily secured vulnerabilities within your IT systems and software. Cyber Essentials shows you how to implement crucial security measures to prevent the most common attacks. The scheme is designed by Government to make it easy for businesses to be protected, and trade with a standardised level of security.

Cyber Essentials is based on the implementation of five key mitigation strategies.


Frequently Asked Questions

CE+ includes entirely the same requirements as the basic standard, with an added extra of a more in-depth test on-site. This verifies your answers to the questionnaire and ensures you are protected against a range of malicious attack scenarios. The independent testing is designed to give you extra peace of mind that your cyber security measures are both suitable and sufficient. Cyber Essentials is not a prerequisite for Cyber Essentials+ you should think of it as an either/or and we would generally recommend CE+ to larger organisations or those with higher-risk security needs.

Whilst both standards are suitable for any type of organisation, for particularly large or high-risk organisations we would always recommend CE+ due to the extra independent testing involved. Having said that, no matter the size of your organisation CE basic will always cover the necessary compliance for companies in Central Government whose services include the handling of personal information and IT services. If you’re still unsure whether you should go for basic or plus, you can always contact us directly and we’ll be more than happy to give our advice based on your organisation.

Firstly, it’s important to say that it remains your choice to determine which of your systems are in-scope. However, as a general rule, you should include all Internet end user devices which are connected to the Internet. We would also highly recommend other Internet facing systems, such as email or application servers.

If you need advice regarding the scope, DigitalXRAID can provide guidance by visiting your organisation for an on-site pre-assessment.

Yes, certification to other standards, for example ISO, does not reduce the need for CE/CE+ assessment, nor does it reduce the requirements of CE standards should you choose to go ahead.

If you fail the self assessment questionnaire, we will allow two working days for you to examine the feedback from the assessor and change any simple issues with your questionnaire. You can then update your answers and the assessor will have another look without any extra charges. If you still fail after these two days you will have to re-apply and pay the assessment fee again. However, DigitalXRAID will provide pre-screening to give you the best chance of success and will ensure you are ready before you make the application. A failure of the External vulnerability assessment will incur an additional retest charge for the lowest tier package.

We highly recommend that each organisation maintains the CE or CE+ scheme on a rolling basis, due to the ever-growing number of cyber security threats. This can be done effectively by scheduling annual re-assessment to ensure your protection remains up-to-date and benchmark with the requirements of the CE standard.

All clients get feedback on any aspect of the assessment which is not fully compliant. You will get a PDF document of all the answers you gave and comments from the assessor against any that were considered non-compliant.