Start typing to search
  • Popular Searches
  • AI governance
  • Data privacy and the GDPR
  • PCI DSS
  • Cyber essentials
  • ISO 27001
  • SOC 2
Get a quote
GRC Wave Graphics

Cyber Essentials: The cyber security certification your next contract is expecting

Cyber Essentials is the UK government's baseline standard for cyber security, and it is increasingly a condition of contracts, insurance policies and public sector procurement. As one of the UK's founding certification bodies, we have issued more than 12,000 certifications. Your deadline is safe with us.
Book a free consultation call

Trusted by IT managers and compliance teams across the UK

You already know you need Cyber Essentials. Here's what good looks like.

Whether you are working to a contract deadline or need to satisfy an insurer or procurement team, we will get you certified with the evidence they need to see.

Meet contract and tender requirements

Many UK public sector contracts and larger enterprise clients require Cyber Essentials before you reach the procurement stage. Without it, you may not make it past the first round.

Leverage cyber insurance

Cyber insurance is increasingly conditional on certification. Every package includes cyber insurance of up to £25,000 as standard.

Develop a proactive security baseline

Cyber Essentials protects against the vast majority of common cyber attacks. For organisations building towards ISO 27001 or broader compliance programmes, it is a recognised and meaningful first step.

Why GRC Solutions?

We are one of the UK's founding Cyber Essentials certification bodies, with more than 25 years of experience helping organisations meet their security and compliance obligations. Our wider expertise across ISO 27001, GDPR, penetration testing and PCI DSS means we understand what auditors and procurement teams need to see, not just how to issue a certificate.

What do you get from our certification packages?

Self-certification

Self-paced certification with basic support and tools.

from
Book your consultation call
  • Cyber Essentials certificate
  • Cyber insurance of up to £25,000
  • Direct communication with a technical assessor

Most popular

Get a Little Help

Full support through the certification process with expert guidance.

from
Book your consultation call
  • Cyber Essentials certificate
  • Cyber insurance of up to £25,000
  • Consultancy support
  • 2 hours’ support included

Get a Lot of Help

Comprehensive certification programme for complex organisations.

from
Book your consultation call
  • Cyber Essentials certificate
  • Cyber insurance of up to £25,000
  • Consultancy support
  • 1 day’s support included

Ready to get certified?

Trust a company that has issued more than 12,000 certificates and has received a ‘World-Class’ NPS (Net Promoter Score) of +100.

GRC Solutions, formerly IT Governance Ltd, is one of the founding Cyber Essentials certification bodies and remains one of the largest in the UK.

If you’re looking for guidance, practical advice or consultation, we can help.

✅ Fast, practical certification support
✅ Reduce cyber risk with essential controls
✅ Build trust and win more business

Loved by IT managers and compliance teams across the UK

Very easy process to follow and helpful staff on hand to help with any queries. Highly recommended.”

Liam

Very easy process to follow and helpful staff on hand to help with any queries. Highly recommended.”

Hazel

Very easy process to follow and helpful staff on hand to help with any queries. Highly recommended.”

Jonathan

Frequently asked questions

Cyber Essentials is a UK government-backed cyber security certification scheme developed by the National Cyber Security Centre (NCSC). It is built around five technical controls designed to protect organisations against the most common internet-based cyber threats. Certification demonstrates to clients, insurers and procurement teams that your organisation meets the UK’s baseline standard for cyber security. Two levels are available: Cyber Essentials and Cyber Essentials Plus.

Cyber Essentials is a verified self-assessment. You complete a questionnaire covering the five control areas, which is then reviewed and marked by an accredited assessor. Cyber Essentials Plus includes everything in the standard certification, plus an independent technical audit of your systems to verify that the controls are correctly implemented. Cyber Essentials Plus provides a higher level of assurance and is often required for contracts involving sensitive data or critical systems.

The cost of Cyber Essentials certification is based on the size of your organisation. Packages start from £420 + VAT for micro organisations. Cyber Essentials Plus certification starts from £2,055 + VAT. All packages are fixed-price and include cyber insurance as standard for eligible UK organisations. Contact us for a tailored quote based on your specific requirements.

The timeline depends on how prepared your organisation is and which level of certification you are pursuing. For Cyber Essentials, same-day assessment is usually available once you have completed the self-assessment questionnaire. Cyber Essentials Plus requires an additional technical audit, which takes longer to schedule and complete. Our advisers will give you a clear timeline during your free consultation call.

Cyber Essentials certification is mandatory for all UK government suppliers bidding on contracts that involve handling personal data or delivering technical products and services. It is also required for Ministry of Defence contracts and many NHS and public sector procurement frameworks. Beyond government contracts, many larger private sector organisations now require their suppliers to hold a valid Cyber Essentials certificate. Even where it is not a contractual requirement, certification is increasingly expected as a condition of cyber insurance policies.

Cyber Essentials Plus is typically required for organisations handling more sensitive information, bidding on contracts that specify a higher level of assurance, or working within critical sectors such as defence, healthcare and finance. It is also a strong choice for organisations that want independent verification of their cyber security controls rather than relying on self-assessment alone. If you are unsure which level your contract or client requires, our team can advise during your free consultation call.

Every Cyber Essentials package from GRC Solutions includes cyber liability insurance of up to £25,000 as standard for eligible UK organisations with a turnover under £20 million. This includes 24/7 incident response support covering technical, legal and crisis management services. The insurance is arranged through IASME and is included in the certification package price at no additional cost.

If a contract, client or procurement framework has specified the level required, that is your answer. If you are certifying for general compliance, cyber insurance or as a first step towards ISO 27001 or broader cyber security accreditation, Cyber Essentials is usually the right starting point. If your organisation handles sensitive data, operates in a regulated sector or wants the added credibility of an independent technical audit, Cyber Essentials Plus is worth considering. Book a free consultation call and our advisers will recommend the right certification path for your organisation.