Cyber Essentials Assured
Cyber Essentials Assured is our recommended route for organisations seeking the smoothest and most straightforward path to CE certification, with the assurance of confirmed compliance at every stage. It combines targeted advisory support with additional activities focused on areas that, based on our assessors’ experience, most commonly present challenges during assessment.
This offering includes the scope verification checks required for CE + and is therefore the default CE offering within URM’s CE+ services.
Platform Access and Initial Questionnaire Completion
You are provided with access to the Abriska platform, which includes embedded advice and guidance within the questionnaire.
Scope Verification Workshop
Early in the process we will run a scope verification workshop with you. The Danzell questionnaire provides a much greater focus than previous questionnaires on correct scoping, particularly if your certification is for an entity within a wider group. This workshop ensures that your CE scope is accurate and correctly reflects any group structures or legal entities. It also confirms that the scope is suitable for a future CE+ assessment, if you are moving onto CE+.
As part of the workshop, the assessor will work with you to agree:
- Devices in scope
- Networks in scope
- Any segregation arrangements
- Parent, child, or wider group relationships
Technical considerations, such as the presence of hypervisors or other relevant infrastructure elements, are also identified and discussed where applicable.
This process helps identify potential issues at an early stage, including unsupported devices, high numbers of out-of-date systems, or ineffective segregation arrangements.
Questionnaire Completion and Feedback Review
Following the scope verification workshop, you will complete an initial draft of the questionnaire to the best of your ability, using the built-in guidance to support accurate and complete responses. You will then submit the questionnaire for review. Once submitted, an experienced URM assessor will conduct an in-depth review of all responses and arrange a structured 1-hour questionnaire feedback session via Microsoft Teams.
For organisations intending to proceed to CE+, the assessor will also capture the agreed scope information as evidence, such as obtaining exports or screenshots, in line with the Technical Scope Verification (TSV) requirements of the CE+ scheme. Once agreed, the outcome of the review forms part of the evidence used during your formal CE+ assessment.
During this session, the assessor will help you clearly demonstrate your compliance, supporting you in addressing ambiguous responses that could otherwise be interpreted as not fully meeting CE requirements. Included follow-up support can be used as needed to discuss, address, and resolve any outstanding issues, ensuring the submission fully aligns with the agreed scope and clearly evidences compliance with CE requirements.
Final Submission and Cyber Essentials Assessment
Once the questionnaire has been finalised, you submit it through the Abriska platform, where it will be marked by an experienced URM assessor. Where minor inaccuracies are identified, these are resolved through the included support before the final submission is made.
Once a compliant submission has been achieved, you will be notified via Abriska and can arrange senior management sign off. This ensures sign off is only required once the questionnaire is confirmed to be accurate and compliant.
What is the cost?
Pricing as of 27 April 2026:
*adopts the internationally recognised definition for micro, small, medium and large enterprises
We engaged URM to help us complete our annual Cyber Essentials Plus certification. They have a great infrastructure and skillset to support the Cyber Essentials program and made the whole process painless for us. It’s a great way for businesses to give themselves a good security health check and in doing so spot any weak points in their IT infrastructure. URM are then perfectly placed to advise on how to fill those gaps for a robust IT / IS policy structure. In summary it’s a great way to show your customers your commitment to cyber security and ultimately keeping their data safe.
Value engagement platform
Client Feedback
Trainer:
Course:
Cyber Essentials Plus was a great exercise for the business to go through as some gaps were found and URM provided valuable information on remediation.
Client
Support request
If you are interested in URM’s support, please specify the subject in the form below.
Please note, we can only process business email addresses.
Why URM?
As an accredited certification body, URM has an unrivalled record in assisting organisations of all sizes achieve certification to Cyber Essentials and Cyber Essentials Plus. URM is also an accredited Assured Service Provider under the NCSC Cyber Advisor scheme and has a large team of experienced, pragmatic assessors who are here to support you and guide you through the process.
Not only do we bring a wealth of cyber security knowledge, but also a wide and varied experience of all the leading cyber and information security standards.
As such, you can be assured that you are getting advice that is right for you and your organisation, taking into account your sector, size and the information you are looking to protect. Our large team of assessors also enables us to guarantee a super-fast turnaround.
We are delighted to partner with URM Consulting on a wide range of information and cyber security projects and service solutions. Working with URM Consulting has proved to be extremely successful, with them consulting / advising clients and then utilising our SMART Services. These are specifically aimed at supporting organisations to achieve Detection, Compliance & Response (DCR) to support Digital Transformation outcomes. In addition, we have achieved Cyber Essentials certification with URM and are now partnering on ISO 27001 and Cyber Essentials Plus projects. We have been impressed by the breadth of URM’s governance, risk, compliance and technical expertise along with their holistic, pragmatic and tailored advice.
Managed service provider
Find out more
URM is one of the UK's most trusted training providers in the areas of information security and governance. Check our training program.
Find out more
related BLog
Cyber Essentials Update 2026
Published on
26/3/2026
URM’s blog breaks down key changes to the Cyber Essentials scheme coming into force on 27 April 2026, including the new Danzell Question Set.
Read more
Cyber Security
Published on
10/3/2026
Cyber Security and the Board: A Sign of What’s to ComeURM’s blog explains recent amendments to the Cyber Security and Resilience Bill, how they align with broader regulatory shifts, & practical steps to prepare.
Read more
Cyber Security
Published on
12/2/2026
NHS Cyber Security Open Letter: What Does it Mean for Suppliers?URM’s blog explains the recent open letter to suppliers issued by the NHS, what it means, why it matters, and the practical steps you can take to prepare.
Read more
Cyber Security
Published on
16/1/2026
Minimising the Impact When a Breach OccursURM’s blog explores the importance of cyber resilience & the steps organisations can take to prepare for and mitigate the impact of a cyber incident.
Read more
"
We’d like to thank our assessor for his usual thorough and fully detailed attention to our system. Our ISMS is being spoken about in much awe and reverence within the wider organisation and I can honestly say that, without his support and wisdom over the last few years, this would not be happening.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.