Cyber Essentials

Cyber Essentials certification for Northern Ireland businesses

We are a managed IT partner who gets NI businesses Cyber Essentials certified, based in Bangor and working with SMEs across Belfast and Northern Ireland. We close the gaps, get you certification ready, and guide you through the IASME assessment, for both Cyber Essentials and Cyber Essentials Plus.

The scheme

What is Cyber Essentials?

Cyber Essentials is the UK government-backed certification that shows your organisation has the basic technical controls in place to defend against the most common cyber attacks. It is built around five core controls, and comes in two levels: Cyber Essentials, a verified self-assessment, and Cyber Essentials Plus, which adds an independent audit.

Government backedCreated by the NCSC, the UK's National Cyber Security Centre.
Delivered by IASMEThe NCSC's Cyber Essentials Partner runs the scheme and its certification bodies.
Five core controlsOne baseline of technical controls every organisation should meet.
Valid for 12 monthsRenewed each year so your certification and listing stay current.

What is covered

The five controls

Cyber Essentials checks five technical controls. Meet all five and you have the baseline that stops the overwhelming majority of common internet threats.

01

Firewalls

Properly configured firewalls between your systems and the internet, on every device that connects.

02

Secure configuration

Devices and software set up to reduce weaknesses, with default passwords removed and only what you need switched on.

03

User access control

Accounts limited to what each person needs, administrator rights controlled, and multi-factor authentication in place.

04

Malware protection

Anti-malware, allow-listing or sandboxing working across your laptops, desktops and mobile devices.

05

Security update management

Supported software, patched promptly, with end-of-life systems that no longer get updates removed.

Which level

Cyber Essentials or Cyber Essentials Plus?

Both cover the same five controls. The difference is how they are checked, and how strong a signal each one sends.

Cyber Essentials

Verified self-assessment

You complete a questionnaire on how you meet the five controls, and it is independently reviewed and certified. It is the fastest route to the baseline, and the level most SMEs start with.

Cyber Essentials Plus

Independent hands-on audit

An assessor tests a sample of your systems directly to confirm the controls are actually working. It is the stronger assurance level and is required for some contracts. You need Cyber Essentials in place first.

Need the bigger framework? Cyber Essentials is the baseline. ISO 27001 is the full information-security management system. Many organisations start with Cyber Essentials and grow into ISO 27001 later, and we can map a path from one to the other.

How to get certified

Your path to certification

We make it straightforward. Most SMEs reach Cyber Essentials in a matter of weeks, and we stay with you through renewal.

01

Gap analysis

We assess your systems against the five controls and show you exactly where you stand.

02

Remediation

We close the gaps: firewalls, access control, multi-factor authentication, patching and configuration.

03

Assessment

We help you complete the IASME questionnaire and submit it for certification.

04

Certify and renew

You get certified and listed on the register, and we keep you compliant year on year, plus CE Plus if you need it.

Cost

How much does Cyber Essentials cost?

There are two parts to the cost. The certification fee is set by IASME and is banded by the size of your organisation, so the smallest businesses pay the lowest fee and it rises in steps with headcount. On top of that is any remediation needed to meet the five controls, which depends entirely on where you are starting from.

Organisation sizeIASME assessment fee
MicroUp to 9 staff£330 +VAT
Small10 to 49 staff£400 +VAT
Medium50 to 249 staff£450 +VAT
Large250 or more staff£500 +VAT

Cyber Essentials assessment fees are set by IASME, shown excluding VAT, and were correct as of June 2026. The fee includes IASME cyber liability insurance for qualifying UK organisations. Always check the current fee before you budget.

Cyber Essentials Plus is priced separately by the certification body and costs more than the self-assessment, because it adds a hands-on audit of your systems. We give you one clear quote that covers the assessment and the support to pass it, so you know the full figure up front.

Why it matters

Why Cyber Essentials is worth it

Win and keep contracts

Many public-sector and larger private contracts now require Cyber Essentials before you can bid. Certification keeps you eligible to compete.

Reassure your clients

It is a recognised, government-backed mark that tells clients and partners you take the security of their data seriously.

Support your insurance

Many cyber insurers expect Cyber Essentials as a baseline, and some take it into account when they underwrite or price a policy.

Cyber Essentials questions

How long does Cyber Essentials certification last?

Twelve months. You renew each year to stay certified and keep your entry on the official register current.

What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials is a verified self-assessment of how you meet the five controls. Cyber Essentials Plus adds an independent, hands-on audit of a sample of your systems. You need Cyber Essentials in place before you can take Plus.

How long does it take to get certified?

For most SMEs, a few weeks. The main variable is remediation. If your controls are already close, certification can be quick. If there are gaps, we close them first.

Do we need Cyber Essentials Plus, or is Cyber Essentials enough?

It depends on what your contracts and clients ask for. Many organisations start with Cyber Essentials and move to Plus when a contract requires the audited level. We will tell you honestly which one you need.

How do I check whether a company holds Cyber Essentials?

Certified organisations are listed on the official IASME register, which you can search online. We are happy to point you to it.

Can Cyber Essentials be grant-funded?

The certification fee itself sits outside what the Digital Transformation Flexible Fund covers, but the wider security and automation work around it can qualify. We will tell you honestly what does.

Want to verify a certificate? You can search the official NCSC and IASME Cyber Essentials register at iasme.co.uk.

Get Cyber Essentials certified

Book a no-obligation discovery session and we will map your route to certification.

Book a discovery session