Cyber Essentials Assured
Cyber Essentials Assured is our recommended route for organisations seeking the smoothest and most straightforward path to CE certification, with the assurance of confirmed compliance at every stage. It combines targeted advisory support with additional activities focused on areas that, based on our assessors’ experience, most commonly present challenges during assessment.
This offering includes the scope verification checks required for CE + and is therefore the default CE offering within URM’s CE+ services.
Platform Access and Initial Questionnaire Completion
You are provided with access to the Abriska platform, which includes embedded advice and guidance within the questionnaire.
Scope Verification Workshop
Early in the process we will run a scope verification workshop with you. The Danzell questionnaire provides a much greater focus than previous questionnaires on correct scoping, particularly if your certification is for an entity within a wider group. This workshop ensures that your CE scope is accurate and correctly reflects any group structures or legal entities. It also confirms that the scope is suitable for a future CE+ assessment, if you are moving onto CE+.
As part of the workshop, the assessor will work with you to agree:
- Devices in scope
- Networks in scope
- Any segregation arrangements
- Parent, child, or wider group relationships
Technical considerations, such as the presence of hypervisors or other relevant infrastructure elements, are also identified and discussed where applicable.
This process helps identify potential issues at an early stage, including unsupported devices, high numbers of out-of-date systems, or ineffective segregation arrangements.
Questionnaire Completion and Feedback Review
Following the scope verification workshop, you will complete an initial draft of the questionnaire to the best of your ability, using the built-in guidance to support accurate and complete responses. You will then submit the questionnaire for review. Once submitted, an experienced URM assessor will conduct an in-depth review of all responses and arrange a structured 1-hour questionnaire feedback session via Microsoft Teams.
For organisations intending to proceed to CE+, the assessor will also capture the agreed scope information as evidence, such as obtaining exports or screenshots, in line with the Technical Scope Verification (TSV) requirements of the CE+ scheme. Once agreed, the outcome of the review forms part of the evidence used during your formal CE+ assessment.
During this session, the assessor will help you clearly demonstrate your compliance, supporting you in addressing ambiguous responses that could otherwise be interpreted as not fully meeting CE requirements. Included follow-up support can be used as needed to discuss, address, and resolve any outstanding issues, ensuring the submission fully aligns with the agreed scope and clearly evidences compliance with CE requirements.
Final Submission and Cyber Essentials Assessment
Once the questionnaire has been finalised, you submit it through the Abriska platform, where it will be marked by an experienced URM assessor. Where minor inaccuracies are identified, these are resolved through the included support before the final submission is made.
Once a compliant submission has been achieved, you will be notified via Abriska and can arrange senior management sign off. This ensures sign off is only required once the questionnaire is confirmed to be accurate and compliant.
What is the cost?
Pricing as of 27 April 2026:
*adopts the internationally recognised definition for micro, small, medium and large enterprises
Client Feedback
Support request
If you are interested in URM’s support, please specify the subject in the form below.
Please note, we can only process business email addresses.
Why URM?
As an accredited certification body, URM has an unrivalled record in assisting organisations of all sizes achieve certification to Cyber Essentials and Cyber Essentials Plus. URM is also an accredited Assured Service Provider under the NCSC Cyber Advisor scheme and has a large team of experienced, pragmatic assessors who are here to support you and guide you through the process.
Not only do we bring a wealth of cyber security knowledge, but also a wide and varied experience of all the leading cyber and information security standards.
As such, you can be assured that you are getting advice that is right for you and your organisation, taking into account your sector, size and the information you are looking to protect. Our large team of assessors also enables us to guarantee a super-fast turnaround.
Understanding Defence Cyber Certification (DCC)
URM’s blog explains how the DCC works, who needs it, the benefits of certification, with clear guidance on how to approach compliance and avoid common mistakes.
URM’s blog explains the purpose, structure and content of the Government’s new Cyber Resilience Pledge, and what it means for organisations across the UK.
URM’s blog breaks down key changes to the Cyber Essentials scheme coming into force on 27 April 2026, including the new Danzell Question Set.
URM’s blog explains recent amendments to the Cyber Security and Resilience Bill, how they align with broader regulatory shifts, & practical steps to prepare.