Terms & Conditions

Cyber Essentials Basic


  1. These Terms and Conditions apply to the provision of the Cyber Essentials certification which are provided by InfoSec Governance Ltd a company registered in England and Wales under number 12289766 whose registered office is at 73 Duke Street, Darlington, County Durham, DL3 7SD (we or us or Service Provider) to the person buying the services (you or Customer).
  2. You are deemed to have accepted these Terms and Conditions in addition to our standard terms and conditions of service when you accept our quotation or from the date of any performance of the Services (whichever happens earlier) and these Terms and Conditions and our quotation (the Contract) are the entire agreement between us.
  3. This agreement overrides any conflicting or existing terms and conditions which are in place for the provision of the Cyber Essentials basic self-assessment audit and certification.
  4. You acknowledge that you have not relied on any statement, promise or representation made or given by or on our behalf. These Conditions apply to the Contract to the exclusion of any other terms that you try to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.


  1. The quotation for Cyber Essentials Basic self-assessment and any additional related services and terms must be agreed before the start of the audit.
  2. The provision of required information, such as billing email address, company name, company address, as well as name, email and mobile number of person completing assessment must be provided.


  1. An audit is a snapshot in time it does not guarantee that the business is 100% secure but does provide assurance that key aspects are working in accordance with the scheme
  2. Failure of certification will be reported to IASME where systems are clearly non-compliant with the Cyber Essentials Scheme requirements.
  3. Full or partial retests will be determined at the discretion of the auditor/IASME and will be billed separately under the same terms as the original agreement on a time and materials basis.
  4. Certification lasts for one year, renewal is required to stay certified.


  1. Payment of invoice is due regardless of certification outcome and to be paid by invoice due date.


  1. You have the right to appeal a failure within 30 days directly to InfoSec Governance Ltd via [email protected] or telephone at: 0330 043 0826. The IASME Consortium Ltd and/or the UK National Cyber Security Centre(NCSC) are the final arbitrators of any appeal process.
  2. You can complain directly to InfoSec Governance Ltd via [email protected] or telephone via 0330 043 0826 within 30 days, we will work with you to find a mutually satisfactory resolution.