How quickly can I get Cyber Essentials certified?

With Fig Group, Cyber Essentials certification is typically completed within 6 hours for orders placed before midday. This is the fastest turnaround of any IASME-accredited certification body in the UK. Cyber Essentials Plus takes 1–3 working days due to the external technical verification requirement.

How much does Cyber Essentials cost?

Cyber Essentials costs from £349 (micro, 1–9 employees) to £649 (large, 250+ employees). Cyber Essentials Plus costs from £1,499 to £4,499. All Fig Group pricing is fully inclusive with no hidden fees, no assessment charges, and no mandatory add-ons.

What is the difference between Cyber Essentials and Cyber Essentials Plus?

Cyber Essentials is the self-assessed certification level where you complete a questionnaire covering five core security controls. Cyber Essentials Plus adds an external technical audit including vulnerability scanning. Both certifications are valid for 12 months and carry the same NCSC badge.

Is Cyber Essentials mandatory?

Cyber Essentials is mandatory for UK government contracts involving sensitive or personal data under PPN 014/21. It is also increasingly required by private-sector supply chains, insurance underwriters, and clients as evidence of foundational cybersecurity.

What are the five Cyber Essentials controls?

The five controls are: firewalls and internet gateways, secure configuration, security update management (patching within 14 days), user access control, and malware protection. Under v3.3 (April 2026), multi-factor authentication (MFA) is mandatory for all user accounts in scope.

IASME Accredited Certification Body

Cyber Essentials Certification UK
IASME Accredited – Under 6 Hours

Cyber Essentials is the UK government-backed cybersecurity certification scheme that validates your organisation has implemented five core security controls. Fig Group is an IASME-accredited Cyber Essentials certification body delivering the fastest certification in the UK – certified in under 6 hours for orders before midday. From £349 with no hidden fees.

View Pricing Check Your Readiness

Cyber Essentials certification from Fig Group, an IASME-accredited certification body. The UK government-backed cybersecurity scheme covering five core controls. Cyber Essentials from £349, Plus from £1,499. Certified in under 6 hours with no hidden fees. The simplest, fastest route to Cyber Essentials certification for UK organisations of all sizes.

What Is Cyber Essentials Certification?

Cyber Essentials is a UK government-backed cybersecurity certification scheme administered by IASME on behalf of the NCSC (National Cyber Security Centre). The scheme validates that organisations have implemented five core security controls: firewalls and internet gateways, secure configuration, security update management, user access control, and malware protection. There are two certification levels: Cyber Essentials (self-assessed) and Cyber Essentials Plus (externally verified with vulnerability scanning). Certification is valid for 12 months. It is mandatory for UK government contracts involving sensitive data or personal information and is increasingly required by private-sector supply chains, insurers, and clients as evidence of cyber hygiene.

Government-backed

NCSC-backed scheme, mandatory for government contracts handling sensitive data.

Five core controls

Firewalls, secure config, patching, access control, and malware protection.

Two levels

Cyber Essentials (self-assessed from £349) and Plus (externally verified from £1,499).

12 months validity

Certificate valid for one year. Annual renewal keeps your certification current.

What is Cyber Essentials?

A UK government-backed cybersecurity certification scheme

Cyber Essentials is the UK government-backed cybersecurity certification scheme administered by IASME on behalf of the NCSC (National Cyber Security Centre). It validates that your organisation has implemented five core security controls: firewalls, secure configuration, security update management, user access control, and malware protection. The current v3.3 requirements include mandatory multi-factor authentication (MFA) for cloud services and administrator accounts.

There are two Cyber Essentials certification levels. Cyber Essentials is self-assessed – you complete a questionnaire that an accredited assessor reviews (from £349). Cyber Essentials Plus adds an external technical audit with vulnerability scanning for stronger assurance (from £1,499). Both certifications are valid for 12 months and are listed on the NCSC public register. Certification is mandatory for government contracts involving sensitive data and increasingly expected across private-sector supply chains.

Firewalls & internet gateways

Secure configuration

Security update management

User access control

Malware protection

MFA mandatory (v3.3)

How It Works

Four steps to Cyber Essentials certification with Fig Group

Order your certification

Select your organisation size and order Cyber Essentials certification online. From £349, fully inclusive, no hidden fees.

Complete the self-assessment

Answer the Cyber Essentials questionnaire covering five core security controls. Our platform guides you through every question with plain-English explanations.

Assessor review and feedback

An IASME-accredited assessor reviews your submission. If corrections are needed, you receive up to three rounds of structured feedback at no extra cost.

Receive your certificate

Once your submission meets the requirements, your Cyber Essentials certificate is issued in under 6 hours. NCSC registered and badge delivered.

Transparent Pricing

Cyber Essentials certification from £349. No hidden fees.

Micro (1-9)

£349

Small (10-49)

£449

Medium (50-249)

£549

Large (250+)

£649

View all pricing including Cyber Essentials Plus

Why Choose Fig Group

IASME-accredited certification body with the fastest turnaround in the UK

Fastest in the UK

Cyber Essentials certified in under 6 hours for orders before midday. No other IASME-accredited body matches this speed. Same day certification is the standard service – not a premium add-on.

Transparent pricing

Every price is published upfront. No hidden assessment fees, no consultancy charges, no mandatory add-ons. Cyber Essentials from £349, Plus from £1,499. What you see is what you pay.

IASME accredited

Fig Group is a fully IASME-accredited certification body authorised to assess organisations for both Cyber Essentials and Cyber Essentials Plus. The certificate is the same government-backed credential regardless of which body issues it.

3x structured feedback

If your submission needs corrections, Fig Group provides up to three rounds of structured, in-platform feedback. Each round identifies the specific controls that need attention and explains what to change.

v3.3 compliant

Fig Group assesses against the latest NCSC Cyber Essentials Requirements v3.3, effective April 2026, including the mandatory MFA requirement for all user accounts in scope.

Readiness checker

Use our free readiness checker to assess your position before purchasing. Identify gaps, understand the requirements, and go into your assessment prepared.

Frequently Asked Questions

Common questions about Cyber Essentials certification

View all frequently asked questions

Have a Question?

Whether you need help choosing between Cyber Essentials and Plus, want to discuss multi-organisation pricing, or just have a question about the process – we are here to help. Submit an enquiry and a member of the team will respond within one working day.

No obligation – just honest guidance

Response within one working day

Multi-organisation and MSP pricing available

Get Cyber Essentials Certified

Cyber Essentials certification from an IASME-accredited body – from £349, certified in under 6 hours.