Cyber Essentials Plus: Frequently Answered Questions

Starting Cyber Essentials

Yes, all certificates remain valid for 12 months, at which point they will become invalid.

You first need to achieve Cyber Essentials Basic (the self-assessment) certification. This needs to be as late as possible to achieve Cyber Essentials Plus to give you enough time to get audited and certified.

Yes, you can still achieve certification, all organisations overseas are able to work towards the Cyber Essentials certification.

Yes, people can go to: and search for your company to see if you have a valid certificate.

You will fail certification if you fail any of the tests, this includes the following:

  • Running as a local administrator
  • Not having multi-factor authentication enabled
  • Running out of date/unsupported Operating Systems

If you fail any tests, we will inform you at the time and you will have up to 30 days to remediate any changes or up to the three month cutoff window, whichever comes first.