socialise
like us on facebook
tweet
follow us on twitter
business
find us on linkedin

call us

020 8939 8481

The Road-Map for Your Cyber Essentials Application

23/06/2017 in VIP

This article is an overview of the steps needed to complete your Cyber Essentials application. It gives you a structured road-map to follow, and saves you from having to work it out.

Learning about Cyber Essentials usually starts with some research on the Internet. This initial stage takes a meandering path as you piece the subject together. In the end, you will have gathered a lot of information but may have lost sight of the bigger picture.

1.      Go Through the Questionnaire.

If you’ve not already done it, do a quick review of the questions in the Cyber Essentials questionnaire.

  • Think about each of the 5 control sections and how they are currently implemented in your organisation.
  • Think about the scope of your Cyber Essentials application. What systems or parts of the business need to be included?
  • Consider who else needs to be involved. Will you do this yourself or delegate it?

2.      Get Detailed with a Gap Analysis.

This is where you find out the current state of your cyber security defences. Compare this to the Cyber Essentials standard and you’ll understand what changes need to be made to your system.

Go through each of the 34 questions in detail to understand what you currently do at a specific level. There will be some detective work and if you are not technical then you’ll need to get help from the person responsible.

Do the measures you have in place satisfy the Cyber Essentials certification requirements? If so then fill in the answer and cross them off your ‘To Do’ list. Once this is completed, you will be left with a list of things to do ranging from simple system changes, to updating staff policy documentation, to implementing the necessary technical fixes.

3.      Make the Necessary Changes.

At this point, if you have very little experience with cyber security then it is worth consulting with an Accredited Cyber Essentials (ACE) Practitioner. Even a short discussion will help you determine how to make the necessary changes and whether they are even needed. Although your main objective may be to achieve Cyber Essentials, you are also securing your system from common threats. Doing this right will protect you, reduce risk and avoid future disruption from Internet threats.

4.      Submit Your Application.

The final step is to arrange your certification. You can contact a Certification Body directly and submit your questionnaire. Typically, they will review it and allow you a little leeway to make minor improvements. If there is something clearly wrong then you may be asked to resubmit your application after resolving the shortcomings.

If you are working with an ACE Practitioner you will have the best chance of passing with minimal effort. The Practitioner can review your application and liaise with the Certification Body to understand and resolve any concerns before you pay your application fee.

 

To find out how Evolve can help you with your Cyber Essentials application contact me (David):

Call 020 8939 8481. Get in touch through Twitter or LinkedIn.