top of page

Cyber Essentials

As a Certifying Body for the IASME organisation, Synovum can carry out Cyber Essentials assessments, Cyber Essentials Plus technical audits and IASME Governance Standard/GDPR readiness audits. 

​

The Cyber Essentials programme, part of the UK's National Cyber Security Programme and mandatory for any organisation wishing on bid on UK central government contracts, has been designed to help protect organisations operating in cyberspace.  It is both size and industry agnostic, although it is found to be very suitable for small/medium size enterprises. 

​

Being certified to Cyber Essentials/Cyber Essentials Plus provides the following benefits:

​

  • Demonstrates to customers that your business takes cyber security seriously.

  • Provides some clarity on the essential security controls your business needs to have in place.

  • Identifies areas within organisations where there is room for improvement for existing security controls.

  • Automatic cyber liability insurance for UK domiciled organisations with less than £20m turnover (terms apply).

​

Depending on your organisation's in-house knowledge/skill levels, we offer an option for a consultant to work with you to complete to complete the assessment documentation. 

ce-logo-e1583444149337.webp

Cyber Essentials has been designed to mitigate the most common internet-borne threats.  It focuses on 5 main areas, these being boundary firewalls and internet gateways, secure configuration, access Control, malware protection and patch management. 

​

Depending on your organisation's in-house knowledge/skill levels, we offer an option for a consultant to work with you to complete to complete the assessment documentation. 

Option One - DIY

 

  • Access to assessment portal;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

Option Two - Some Assistance

 

  • Access to assessment portal;

  • Remote/onsite consultancy support;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

Option Three - Full Assistance

​

  • Initial call to discuss assessment scope;

  • Access to assessment portal;

  • Remote/onsite consultancy support;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

ce-plus-logo-e1583444183282.webp
iasme-gov-audited-logo.webp

Cyber Essentials Plus certification is awarded upon successful completion of an independent technical audit of the organisation.  This technical audit is carried out either offsite or onsite using industry standard tools.

CE+ Test Activities

 

  • Remote external vulnerability assessment;

  • Authenticated internal vulnerability assessment;

  • End user device (EUD) malware protection assessment;

  • EUD defence assessment against malware delivered via email; 

  • EUD defence assessment against malware delivered via a website.

  • Re-assessment (if required).

The IASME Governance standard was developed as an affordable and achievable alternative to the ISO/IEC-27001:2013 standard for information management security systems.

​

It allows organisations to demonstrate that they have formal governance measures in place and that they are taking care of both their own and more importantly their customers' information.

​

​Certification to the Governance standard can also be viewed as a first step for organisations looking to implement the ISO standard, as many foundation elements are contained within the IASME standard.

IASME Onsite Audit Activities

 

  • Audit of organisational policies and processes; 

  • Documentation review and interviews with members of staff;

  • System configuration review to support policy statements.

  • Re-assessment (if required).

​Depending on your requirements, your organisation can be certified against Cyber Essentials, Cyber Essentials Plus and the IASME Governance Standard at the same time. 

​​​

Please contact us for more information regarding your Cyber Essentials certification requirements. 

bottom of page