A structured, transparent process from first conversation to certificate — and beyond.

We begin with a working conversation to understand your organisation, technology environment, and certification objectives. This typically takes 30–60 minutes and covers the systems you use, the data you handle, and any contractual or compliance drivers behind your certification requirement.

We assess your current security posture at a high level and identify the certification pathway that fits your needs — whether that is Cyber Essentials, Cyber Essentials Plus, IASME Cyber Assurance, or a combination.

By the end of the discovery call, you will have a clear recommendation, an honest assessment of your readiness, and a transparent cost estimate.

We evaluate your existing controls against the specific requirements of your target certification. For Cyber Essentials, this means assessing your implementation of the five technical controls: firewalls, secure configuration, access control, malware protection, and security updates.

For IASME Cyber Assurance, we assess across all 14 security themes including governance, risk management, incident response, and supplier management.

The output is a gap assessment report that documents what is already in place, what is missing or misconfigured, and what needs to change before you can pass assessment.

Based on the gap assessment, we work with you to close identified gaps. This may involve guided self-service — where your team implements changes with our direction — or hands-on technical remediation where our practitioners configure systems directly.

We implement controls across your actual technology stack: Microsoft 365, Google Workspace, AWS, Azure, on-premise infrastructure, or hybrid environments. Our approach adapts to what you have, not what we prefer.

Throughout remediation, we document evidence that will be required for assessment. You enter the formal certification process with controls in place and evidence ready.

For Cyber Essentials and IASME Cyber Assurance, we guide you through questionnaire completion, review your responses and evidence before submission, and manage the formal assessment process.

For Cyber Essentials Plus, we coordinate external vulnerability scanning of your in-scope systems and conduct hands-on technical testing of devices, configurations, and controls. This includes independent assessor testing and detailed audit reporting.

We handle communication with IASME and manage the certification timeline. If any issues arise during assessment, we support you through remediation and resubmission.

On successful assessment, your certificate is issued and you receive your official certification badge for use in tender documents, marketing materials, and client communications.

For eligible organisations, your Cyber Essentials certification activates £25,000 cyber liability insurance coverage. We explain the terms and help you understand what is covered.

Certification is valid for 12 months. We provide renewal planning guidance and can support you through annual recertification. For organisations that want ongoing assurance, we offer vulnerability scanning and posture maintenance services.