About Cyber Essentials


Cyber Essentials involves a technical audit of the systems that are in-scope for Cyber Essentials. This includes a representative set of user devices, all internet gateways and all servers with services accessible to unauthenticated internet users.


Get Started

Cyber Essentials Scheme

The Cyber Essentials scheme has been developed by the UK Government and industry to fulfil two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet-based threats, within the context of the Government’s 10 Steps to Cyber Security. And through the Assurance Framework, it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.

Cyber Essentials Plus:

Cyber Essentials PLUS involves a technical audit of the systems that are in-scope for Cyber Essentials. This includes a representative set of user devices, all internet gateways and all servers with services accessible to unauthenticated internet users. The assessor will test a suitable random sample of these systems (typically around 10 per cent) and then make a decision whether further testing is required.

IASME Governance:

Audited IASME Governance (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation. It offers a similar level of assurance to the internationally recognised ISO 27001 standard but is simpler and often cheaper for a small and medium-sized organisation to implement. As an IASME Certified Body, we will conduct an on-site audit assessing your organisation against the IASME Governance framework. Where required, we’ll help you address and remediate flaws prior to certification.


Need for getting accredited to Cyber Essentials and Cyber Essentials Plus :

  • Public Sector Work: A mandatory requirement for Government suppliers
  • Free Cyber Liability Insurance Cover: Post successful accreditation (terms apply)
  • Independent assessment of your security posture
  • Industry alignment: Align your security controls with Industry Standards


  • Assessment approach: Cyber Essentials and IASME Governance

  • Engagement: After the pre-assessment scoping call, all relevant documentation is sent to the client with adequate guidance notes.
  • Assessment: Client is expected to complete the questionnaire with appropriate support from our specialist team. Verification of compliance status of client's third parties. External vulnerability scan of client Network.
  • Interim Report and Remediation: Interim report is discussed with the client and a window of 4 weeks is given to remediate identified issues.
  • Final Report and Certification: Final report is issued and if successful certification is awarded


  • Assessment approach: Cyber Essentials Plus

  • Engagement: After the pre-assessment scoping call, all relevant documentation is sent to the client with adequate guidance notes.
  • Assessment: Internal and External vulnerability scans are conducted. Systems assessments are done during the onsite audit.
  • Interim Report and Remediation: Interim report is discussed with the client and a window of 4 weeks is given to remediate identified issues.
  • Final Report and Certification: Final report is issued and if successful certification is awarded


  • Why Baseel?

    • Fully Accredited: Baseel and Baseel Consultants hold a range of professional certifications including IASME Gold, Cyber Essentials Plus, CISA, CISM, CISSP, ISO27001 LA, CEH, CHFI, TOGAF, NCDA, CCA, VCP, CCMA, MCTS
    • Bespoke service offerings: No two customers are the same. Our consultancy advice is always designed by considering the optimum need of the client focusing on their compliance requirements, business needs, threat exposure, and project-specific requirements.
    • Risk-based and easy to understand reporting: We are very strong in 'Business IT Alignment'. With the help of the client, we always focus on aligning risk ratings of the identified vulnerability with the Business/IT Environment.

    • Detailed guidance on gap remediation: Our reports contain pragmatic and detailed guidance on the remediation of identified compliance gaps. Technology solutions are accompanied with suggestions of process improvements, where applicable.
    • Clear and Precise Communication: Our speciality is 'Simplified Security', our communication can meet the requirements of a range of recipients from Technology experts to Non-Technical Board members
    • Dedicated client relationship manager: Client always has access to an identified go-to person for all customer needs.

    Get Started


    Insight >> Integrity >>Impact >>

    Baseel Limited



    Contact us