- May 25 2023
Cyber Essentials Plus is an expansion upon the “Cyber Essentials Verified Self-Assessment” which Cappagh achieved at the beginning of May and includes an audit of the organisations IT systems.
Cyber Essentials sets out the necessary technical controls; the related assurance framework shows how the independent assurance process works for Cyber Essentials Plus certification through an annual external assessment conducted by an accredited assessor.
The key elements of the Cyber Essentials Plus audit are summarised as follows:
- A sample of computers at our organisation were picked by the assessor, who then performed an audit to ensure that the devices are configured as per the scheme
- A vulnerability scan was performed on these machines to confirm patching and configuration is at the required level
- An external port scan of all our internet facing IP addresses was caried out to ensure no clear and obvious misconfigurations or vulnerabilities were identified
- A test was conducted on our default email/internet browser to confirm how well configured they are to prevent execution of fake malicious files
- Screenshots were taken as evidence that the system is Cyber Essentials Plus compliant
Cappagh’s achievement of the Cyber Essentials Plus certification demonstrates our further commitment to mitigate the risk from common Internet-based threats, within the context of the UK Government's 10 Steps to Cyber Security. It is backed by industry, including the Federation of Small Businesses, the Confederation of British Industry and a number of insurance organizations that offer incentives for businesses holding this certification.Go Back