Navigating Cyber Essentials Certification What to Expect from Our Support Process

Achieving Cyber Essentials certification can feel overwhelming, especially if your team is unsure where to start or how to meet the requirements. If you’ve chosen to take supported Cyber Essentials certification with us, this guide will walk you through the entire process. Understanding what to expect will help you prepare your IT team or school staff and ensure a smoother path to certification.

How the Process Begins: Receiving and Answering the Questions

Once you decide to proceed, we set up an introductory call to discuss your systems and to introduce ourselves. Your system scope is the most important phase of the assessment. This call allows us to introduce ourselves, discuss your setup and apply system boundaries. This saves lots of unnecessary work further down the line and facilitates a smooth process.

Then we send you the Cyber Essentials questionnaire in a spreadsheet format. This document covers all the key areas you need to address, such as your current security setup, policies, and technical controls.

You then fill in the spreadsheet with details about your existing setup. It’s important to be honest here—even if you think you might not meet all the criteria. This initial step is not a test but a starting point. The answers you provide give us a clear picture of your current security posture.

Gap Analysis and To-Do List

After reviewing your responses, we provide feedback in the form of a gap analysis. This report highlights areas where your current setup does not meet Cyber Essentials requirements. This acts as a to-do list outlining specific actions needed to close those gaps.

For example, if your answers show that anti-malware software is missing or outdated, the to-do list will note that you need to implement or update this. We don’t prescribe specific brands or solutions. Instead, we recommend thus allowing you to use your existing service stack to meet the requirements. This approach keeps the process flexible and tailored to your environment.

Applying Changes and Updating the Spreadsheet

Once you have the to-do list, your team applies the necessary changes. This might include updating policies, installing security software, or improving network configurations. We're on hand to offer help and guidance should your team need assistance clarifying control requirements.

After implementing these changes, you update the spreadsheet to reflect your new setup. This cycle of answering, reviewing, and updating continues as many times as needed until your environment aligns with Cyber Essentials standards.

Caption: A detailed Cyber Essentials checklist helps track progress through the certification process.

Final Steps: Transferring Answers and Certification

When your setup meets all the requirements, you transfer the final answers from the spreadsheet into the live marking portal. We then review your submission and issue your Cyber Essentials certificate.

There are no strict time limits for completing this process unless IASME releases a new question set. If that happens, we have three months to update the portal and issue your certificate. This flexibility allows you to work at a pace that suits your team’s capacity.

Support Throughout the Journey

Throughout the entire process, an assessor is available to provide as much help as you need. Whether you have questions about specific controls or need advice on policy wording, support is just a call or email away.

Questionnaire and answer workshops, writing policies, recommending specific software vendors and implementation support are available as additional services.

Why This Approach Works for Sole Traders, CEOs, IT Directors, and School/College IT Teams as well as MSP's and IT Support companies

This supported process is designed to be practical and manageable. It respects your existing infrastructure and expertise while guiding you toward compliance. For CEOs and IT Directors, it means clear visibility of what needs to be done without technical overload. For MSP's, sole traders and school IT teams, it provides structured steps and expert support to meet security standards confidently.

If you’ve been wondering how to get Cyber Essentials certified?, this step-by-step approach breaks down the process into clear, achievable stages.

Summary and Next Steps

Understanding what to expect from our Cyber Essentials support process removes much of the uncertainty around certification. You start by answering questions honestly, receive clear feedback, apply changes, and repeat until ready. Support is available throughout, and you maintain control over how to meet requirements using your current systems.

Are you ready to get started? Click here for our supported service.