Select regional store:

Cyber Essentials packaged solutions


IT Governance’s fixed-price solutions can help you achieve certification to either Cyber Essentials or Cyber Essentials Plus at a pace and for a budget that suits you.

All Cyber Essentials certifications are managed through our CyberComply online portal. This is a unique online service that enables companies to follow a convenient do-it-yourself approach, including managing and tracking the certification process.


Cyber Essentials



External vulnerability scan*

Documentation toolkit


Live Online advice (2 hrs)



One day of on-site consultancy







  Buy Buy Buy


Cyber Essentials Plus



External vulnerability scan*

On-site assessment

Internal vulnerability scan

Documentation toolkit


Live Online advice (2 hrs)



One day of on-site consultancy







  Buy Buy Buy

*All of our packages include an external vulnerability scan that covers up to 16 IP addresses.

Please view the individual product pages for further details about specific testing requirements and conditions.

Alternatively, email us or call 00 800 48 484 484 for a custom quote.


Which package should you choose?

Do It Yourself

This solution is for organisations that have knowledge of all five security controls and are comfortable carrying out all of the preparation for certification. With this solution, you submit the self-assessment questionnaire (SAQ) and undertake the assessments once you are ready for certification.

Get A Little Help

We recommend this solution for organisations that are confident they have the skills to achieve Cyber Essentials certification, but are unsure of their scope and do not fully understand the five controls.

Get A Lot Of Help

This solution is for organisations with little or no knowledge of the five controls, as well as those that do not know their scope or the IP range that should be tested. We also recommend this solution for large organisations with complex organisational structures.


Cyber Essentials provides a basic level of cyber security; if you are interested in progressing to a more advanced stage of information security by implementing a holistic information security management system, you can discover more by reading about ISO 27001 and the Cyber Essentials scheme >>


Cyber Essentials package extras

Cyber Essentials Vulnerability Scan Additional IPs

If you have more than 16 IP addresses, you will need to expand your external vulnerability scan to account for them. These are purchased in blocks of 16 IP addresses.

£100 Per block

LiveOnline Consultancy

Live Online consultancy is ideal for companies that are uncertain about the requirements of the scheme, which option to choose, or how to define the scope of the certification.

£150 Per hour

Cyber Essentials Plus Health Check

This bespoke on-site service is designed for larger organisations with more complicated networks and scoping needs, and will assess your current environment against the requirements of Cyber Essentials Plus.

Price on application

Documentation Toolkit

This toolkit includes all the necessary work procedures and processes for ensuring that the controls you implement are effective.


Cyber Essentials Gap Analysis Tool

This tool enables you to identify the controls that you need to put in place in order to meet the requirements of the Cyber Essentials scheme, and monitors your progress towards compliance.

Available in multiple formats.


Cyber Essentials – A Pocket Guide

If you are completely new to the Cyber Essentials scheme, we recommend reading Cyber Essentials – A Pocket Guide. The guide is a non-technical explanation of Cyber Essentials, making it easy for anyone to understand the scheme and how to meet its requirements.

Available in multiple formats.



Package contents explained


Certification (Back to table)

All companies that meet the requirements of Cyber Essentials or Cyber Essentials Plus will be certified by IT Governance, which is a CREST-accredited Cyber Essentials certification body.


External vulnerability scan (Back to table)

All of our Cyber Essential packages include an external vulnerability scan. This is an additional service that independently verifies the security status of each company that undergoes Cyber Essentials certification through us. Non-CREST-accredited certification bodies may not offer this service.


On-site assessment (Back to table)

The on-site assessment is a requirement for all companies wishing to achieve Cyber Essentials Plus. We will visit your office(s) and thoroughly check whether the solutions you have put in place comply with the control requirements.


Internal vulnerability scan (Back to table)

The internal vulnerability scan is a requirement for all companies wishing to achieve Cyber Essentials Plus. It involves a scan of your in-scope internal network, with a focus on workstations and mobile devices. It aims to find out whether the Cyber Essentials controls have been properly implemented and to check that known vulnerabilities have been addressed.


Cyber Essentials documentation toolkit (Back to table)

The Cyber Essentials documentation toolkit includes all of the necessary customisable policies and procedures to meet the Cyber Essentials requirements. The templates include guidance on correctly implementing and maintaining your cyber security controls.


Live Online consultancy (Back to table)

If you need guidance or just peace of mind on any part of the Cyber Essentials certification process, then our Live Online consultancy is perfect for you. We provide expert advice from our team of consultants.


One day of on-site consultancy (Back to table)

On-site consultancy is conducted by an expert cyber security practitioner. They will provide guidance on completing the self-assessment questionnaire and how to implement the five controls required by the scheme, and will help define the scope for certification.


Other products you might be interested in:

This website uses cookies. View our cookie policy