The first thing you need to do to achieve Cyber Essentials Plus certification is to gain Cyber Essentials certification.
You will then be audited (either remotely or on-site) by a certification body, such as URM Consulting. If the audit reveals no gaps, you will be awarded the Cyber Essentials Plus certification.
If there are gaps identified, you will have 15 days to fix them and go through the assessment again. If you do not pass this time, you will need to make a fresh application and pay for it again.
We want to pass on our thanks to our URM assessor for helping us with the assessment. He made it really very straightforward for us during the remote sessions and during the follow ups to understand what we needed to do to remediate the issues and obtain the certification. He understood our setup and gave us relevant advice, it was a pleasure working with him.
Engineering company
Get practical guidance on preventing common cyber-attacks
Get practical guidance on how to prepare for and achieve Cyber Essentials and Cyber Essentials Plus certification, and protect your organisation against these attacks.
Find out more
related BLog
Deconstructing the EU Cyber Resilience Act
Published on
18 Dec
2025
URM’s blog breaks down the new EU Cyber Resilience Act, what products/entities are in scope, the security requirements it imposes on organisations, and more.
Read more
Cyber Security
Published on
18/12/2025
Cyber Essentials Requirements UpdateURM’s blog breaks down the latest changes to the Cyber Essentials requirements and outlines why these updates matter for organisations seeking certification.
Read more
Cyber Security
Published on
21/11/2025
Cyber Security Case Study: The Human and Organisational Cost of a BreachURM’s blog shares a Managing Director’s account of navigating & recovering from a major cyber attack, with a focus on the human impact of the breach.
Read more
Cyber Security
Published on
6/11/2025
Building Cyber Security Resilience Against PhishingURM’s blog explores the different forms of phishing attacks, the strategies used to exploit human vulnerabilities, & how to protect against these attacks.
Read more
"
URM’s in-depth knowledge of cybersecurity best practices and the Cyber Essentials framework helped us strengthen both ours and our client’s security posture while ensuring full compliance. Their consultants were professional, approachable, and incredibly thorough, offering practical advice tailored to the specific needs. The Cyber Essentials Plus assessment was conducted with great efficiency, and URM’s supportive approach meant we felt well-prepared at every stage. Thanks to their expertise, we successfully achieved certification for us and our clients, giving us (and our clients) greater confidence in our cybersecurity resilience.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.