There are two levels of Cyber Essentials certification available, the standard Cyber Essentials certification and Cyber Essentials Plus.
Cyber Essentials certification will provide a basic level of confidence that an organization has implemented cyber security controls effectively.
Cyber Essentials Plus
builds on the Cyber Essentials foundations. Certification at this level tests whether the organization’s implemented controls are sufficient to protect against internet based threats. Achieving Cyber Essentials Plus certification is more challenging than achieving the standard Cyber Essentials certification, and includes a pen test to provide a higher level of assurance that the organization’s cyber assets are secure. Certification is valid for 12 months.
The standard Cyber Essentials certification must already be held in order to apply for Cyber Essentials Plus certification.