Cyber Essentials Plus
Cyber Essentials PLUS (CE+) confirms that your protections against the most common cyber threats are operating correctly.
Fortis’ fixed-price solutions will help you to achieve CE+ certification.
The simple process is managed through Fortis’ online CE+ portal.
CYBER ESSENTIALS PLUS
SIMPLE ROUTE TO CYBER ESSENTIALS PLUS CERTIFICATION
Fortis has a simple methodology to help you achieve certification:
WHY CYBER ESSENTIALS PLUS?
Cyber Essentials Plus (CE+) includes an external vulnerability assessment, an internal scan and an on-site assessment. It offers more in-depth testing and therefore stronger assurances of security.
CE+ carries across all elements of Cyber Essentials, including a technical audit of your systems to verify the Cyber Essentials recommended controls are in place.
This higher level of assurance involves completing the SAQ followed by a technical audit of the systems that are in-scope for Cyber Essentials.
This includes a representative set of user devices, all internet gateways and all servers with services accessible to unauthenticated internet users and virtual desktop environments.
Figure 1 Chart to illustrate the certification process
Your assessor will test a suitable random sample of these systems (typically around 10 per cent) and then make a decision whether further testing is required.
You will need to complete your CE+ audit within 3 months of your last Cyber Essentials basic certification.
If you want to gain CE+ straight away, you can complete the CE SAQ as the initial part of the CE+ certification process.
The assessor will often have to visit your head office and a representative sample of your other offices in order to carry out the tests, however it is also possible to deliver this remotely.
The cost of a Cyber Essentials PLUS assessment will depend on the size and complexity of your network and devices.