Where to Start
We understand that it can be difficult to know where to begin when you want to make your company more secure.
Below is some advice to get started.
Download the Question Set
If you are planning to certify your business, download the Cyber Essentials or IASME Cyber Assurance self-assessment questions. This is completely free and will allow you to review the question set, understand what you should have in place and spend time preparing for assessment. There may be some questions which you do not have the expertise to answer and will need to seek advice.
Join the LinkedIn group
If you have a question which is preventing you from making progress, we have a free LinkedIn group called the “Cyber Essentials Advice group”. You can post your questions here and we will give you free advice. You can ask any questions about cyber security, governance or data protection. You can join it here.
Check out our resources
Take a look at our client guidance documents which will give you detailed information about the assessment process for both Cyber Essentials and IASME Cyber Assurance.
Use the Cyber Essentials Readiness Tool
You can start preparing your organisation for certification to Cyber Essentials using a free online tool that helps you gauge your current level of cyber security in relation to where you need to be to achieve Cyber Essentials. The Cyber Essentials Readiness Tool includes a series of guidance documents written for non-technical people, to help you understand the five controls and how they apply to your business. Your answers to the Readiness Tool questionnaire will inform the tailored guidance and step by step action plan which will be presented to you when you reach the end of the Readiness Tool.
Get help from a Certification Body
If you have a complex company structure or require some specific help and advice, help is at hand. The delivery of Cyber Essentials (basic and Plus) assessments is licensed to a team of qualified cyber security companies who are located around the United Kingdom and Crown Dependencies. These companies are known as Certification Bodies. Many of these security companies are also licensed to assist organisations with IASME Cyber Assurance. They are available to offer consulting services to help you understand the assessment questions, how they relate to your company and what steps you need to take to achieve certification.
You can contact a licensed Certification Body near you who will be able to help you prepare for certification.
Go to the NCSC website
The National Cyber Security Centre (a part of GCHQ) is the UK’s National Technical Authority on Cyber Security. They provide a wide range of excellent guidance for organisations of all sizes. The NCSC website has some great free advice that will help to educate you on creating good security habits and get you started on your journey.
https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online
https://www.ncsc.gov.uk/collection/small-business-guide
https://www.ncsc.gov.uk/guidance/phishing
Meet the 10 steps
Once organisations have achieved Cyber Essentials certification, they often go on to develop their cyber security to a more in-depth level. The IASME Governance certification maps to the NCSC 10 Steps and covers, among other things, cyber resilience, GDPR compliance, and policies and procedures. The IASME Governance Standard is owned by IASME and not backed by the NCSC.
You can download our free templates for many of the policy documents to get you started. Please review and adjust them carefully to ensure that they are relevant to your organisation.
Find Out More
Have a look at our Frequently Asked Questions or speak to our team