ICAEW.com works better with JavaScript enabled.

Cyber Essentials Accreditation

Cyber Essentials is a Government-backed and industry supported scheme to guide businesses in protecting themselves against cyber threats. Certification against this scheme is increasingly required for any company bidding for government contracts and sometimes their supply chain too. In addition to this, other organisations are now starting to include Cyber Essentials certification as a requirement in their standard supplier contracts.

Last updated: 13 February 2017

In addition to helping organisations remain secure Cyber Essentials accreditation is also a useful starting point to help you become compliant with the GDPR. While Cyber Essentials does not directly address GDPR it does help provide the base framework for implementing effective information governance in an organisation.

Cyber Essentials was created in 2014. However a revised scheme was published on 6th February 2017 to help clarify the scope and to improve best practice in some areas.

There are two levels to accreditation:

  • Cyber Essentials - a completed self-assessment questionnaire, signed by a board member which is then assessed, typical cost is £300-£400.
  • Cyber Essentials Plus - additional on-site testing is carried out by external certifying bodies, costs vary depending on the size and complexity of an organisation.

The Cyber Essentials documents are free to download and help you prepare for accreditation.

You can start your accreditation process by contacting the Information Assurance for Small and Medium Enterprises (IASME) Consortium.


The IASME Consortium kindly provided assistance in the creation of this web page.