What is the difference between an Assessor and an Advisor?

Jul 11, 2024 | Cyber Advisors, Cyber Essentials

If you are an organisation that needs some help and support with your cyber security, whether that involves certifying to Cyber Essentials or simply improving on what you’ve got, help is at hand.

But who you gonna call?

Do you need a Cyber Advisor or a Cyber Essentials Assessor? What is the difference?

Cyber Advisor

The Cyber Advisor (Cyber Essentials) scheme can offer small and medium sized organisations in the UK and Crown Dependencies a choice of qualified cyber security experts assured by the National Cyber Security Centre (NCSC). Cyber Advisors are able to apply their technical knowledge and provide hands-on support to help an organisation put basic cyber security measures in place. NCSC Cyber Advisors are skilled at explaining the technical controls to non-technical organisations, and also why those controls are important. They can suggests solutions that are right for the size and type of your organisation, working to a code of conduct that makes sure you only receive the advice that is most appropriate for you. They can help organisations achieve compliance with Cyber Essentials, whether they aim to obtain certification or simply improve their cyber security practices. 

Cyber Advisors work for an Assured Service Provider that has met the NCSC’s strict quality and security standards.

You can find more information and a list of registered Cyber Advisors that are located all around the UK on the IASME Website (find a cyber advisor). Contact them directly for advice. 

There is no recommended fixed cost for assured Cyber Advisor firms to charge clients. Each job is likely to vary considerably according to your existing security posture and size and complexity of your IT setup. 

Cyber Essentials Assessor

A Cyber Essentials Assessor is a cyber security expert that is trained and qualified to assess Cyber Essentials applications and issue certification. Some Assessors are also qualified to conduct audits for the Cyber Essentials Plus certification. An Assessor must work for a Certification Body. There is a network of Certification Bodies or CBs located around the UK and Crown Dependencies; they are licensed by IASME to assess whether or not an organisation meets the criteria required for Cyber Essentials certification and issue that certification – something a Cyber Advisor cannot do unless they are also a Cyber Essentials Assessor.

You can find your nearest Certification Body here Find a Certification Body – Cyber Essentials.