Government Endorsed Cyber Essentials Scheme

The effects of cyber security can be huge for any size organisation. It can cost an organisation up to £2 million pounds if there is a cyber security breach.

The Cyber Essentials scheme will help your organisation protect itself from the most common cyber attacks. You can prevent these attacks by ensuring your cyber infrastructure is at a good level, and the government backed scheme can do just that.

Cyber Essentials

You require no assistance to pass.
Re-test fees apply upon failure.

      • Cyber Essentials self assessment questionnaire issued to client.
      • Upon completion DXR will assess the responses against the CE marking scheme.
      • Internet Facing Systems will be subject to an external vulnerability assessment
      • Cyber Essentials Certification [If achieved] delivered to the client. Usually within 24 hours of receiving the completed questionnaire.
      • If certification criteria are not met, your assessment will be marked as failed with CREST or IASME. Feedback on failed sections will be provided.
      • Any subsequent re-tests will be chargeable.
      • £300 ex VAT Per assessment
      • Pay via Invoice or instantly with PayPal

Cyber Essentials
‘Pass First Time’

Full email/phone support.
Re-tests included until success

  • Everything Included in the Basic Package with..
  • Letter of intent provided to evidence commitment to certification.
  • Unlimited remote support and assistance from our Cyber Essentials experts.
  • Questionnaire pre-screened, prior to final submission.
  • Additional assistance provided for the entire Self Assessment Process, ensuring a first time pass
  • Two week grace period to remediate potential issues [If Applicable]
  • Free re-test once issues have been fixed [If Applicable]
  • Cyber Essentials Certification delivered to the client, usually within 24 hours of receiving the completed questionnaire.
  • £500 ex VAT Per assessment
  • Pay via Invoice or instantly with PayPal

Cyber Essentials
‘Pass First Time’

Bespoke packages available.
Fast and Easy route to CE+ Certification.


Why You Need
Cyber Essentials

Secure & Certify your organisation to
government approved standards.

Cyber Essentials demonstrates that your organisation is security conscious. It shows you value the importance of taking measures to secure your customers data. Being Cyber Essential certified gives assurance to your customers as you are in compliance with a Government Recognised level of information security. Cyber Essentials helps implement basic, yet crucial information security measures within your organisation.

  • Demonstrate to customers your commitment to security
  • Defend your organisations critical data against prevalent cyber threats
  • Ensure you company retains a sound reputation
  • Enable your organisation to bid for Government contracts

DigitalXRAID are an official Cyber Essentials certification body, we will help you achieve certification quickly and efficiently.

Quote Me.


Frequently Asked Questions

CE+ includes entirely the same requirements as the basic standard, with an added extra of a more in-depth test on-site. This verifies your answers to the questionnaire and ensures you are protected against a range of malicious attack scenarios. The independent testing is designed to give you extra peace of mind that your cyber security measures are both suitable and sufficient. Cyber Essentials is not a prerequisite for Cyber Essentials+ you should think of it as an either/or and we would generally recommend CE+ to larger organisations or those with higher-risk security needs.

Whilst both standards are suitable for any type of organisation, for particularly large or high-risk organisations we would always recommend CE+ due to the extra independent testing involved. Having said that, no matter the size of your organisation CE basic will always cover the necessary compliance for companies in Central Government whose services include the handling of personal information and IT services. If you’re still unsure whether you should go for basic or plus, you can always contact us directly and we’ll be more than happy to give our advice based on your organisation.

Firstly, it’s important to say that it remains your choice to determine which of your systems are in-scope. However, as a general rule, you should include all Internet end user devices which are connected to the Internet. We would also highly recommend other Internet facing systems, such as email or application servers.

If you need advice regarding the scope, DigitalXRAID can provide guidance by visiting your organisation for an on-site pre-assessment.

Yes, certification to other standards, for example ISO, does not reduce the need for CE/CE+ assessment, nor does it reduce the requirements of CE standards should you choose to go ahead.

If you fail the self assessment questionnaire, we will allow two working days for you to examine the feedback from the assessor and change any simple issues with your questionnaire. You can then update your answers and the assessor will have another look without any extra charges. If you still fail after these two days you will have to re-apply and pay the assessment fee again. However, DigitalXRAID will provide pre-screening to give you the best chance of success and will ensure you are ready before you make the application. A failure of the External vulnerability assessment will incur an additional retest charge for the lowest tier package.

We highly recommend that each organisation maintains the CE or CE+ scheme on a rolling basis, due to the ever-growing number of cyber security threats. This can be done effectively by scheduling annual re-assessment to ensure your protection remains up-to-date and benchmark with the requirements of the CE standard.

All clients get feedback on any aspect of the assessment which is not fully compliant. You will get a PDF document of all the answers you gave and comments from the assessor against any that were considered non-compliant.