Cyber Essentials Foundation. The mandatory first step.
Cyber Essentials Plus requires a valid Cyber Essentials certificate before the technical audit can begin. IP Four completes the self-assessment process for you, ensuring your environment meets all five controls and your certificate is issued first time.
100%
First-Time Pass Rate
2-3 Wks
Foundation Completion Time
500+
UK Businesses Certified
IASME
Accredited Assessors
Foundation capabilities for Cyber Essentials certification.
Scope Definition
Define the boundary of your Cyber Essentials assessment, including all devices, cloud services, and remote workers that fall within scope.
Self-Assessment Questionnaire Completion
Work through the IASME self-assessment questionnaire with you, ensuring every answer is accurate, evidenced, and aligned to the technical requirements.
Five Controls Gap Review
Review your current posture against all five Cyber Essentials controls before submission to identify and close any gaps that would cause a fail.
Evidence Preparation
Prepare the supporting evidence required by the assessor, including screenshots, configuration exports, and policy documents.
Assessor Liaison
Liaise directly with the IASME-accredited assessor on your behalf, responding to queries and providing additional evidence as required.
Certificate Issuance Support
Coordinate the final steps of certificate issuance and ensure your Cyber Essentials certificate is valid and ready for use as the CE Plus prerequisite.
From gap review to certificate issued.
Scoping Workshop
Agree the boundary of your Cyber Essentials assessment, including all in-scope devices, cloud platforms, and remote working arrangements.
Controls Review
Assess your current configuration against all five controls: firewalls, secure configuration, user access control, malware protection, and patch management.
Remediation
Fix any gaps identified in the controls review so your environment meets the standard before the self-assessment questionnaire is submitted.
Questionnaire Completion
Complete the IASME self-assessment questionnaire accurately, with supporting evidence prepared for each control area.
Assessor Submission
Submit the completed questionnaire to the IASME-accredited assessor and manage the review process through to approval.
Certificate Issued
Receive your Cyber Essentials certificate, which is the mandatory prerequisite for proceeding to the Cyber Essentials Plus technical audit.
Cyber Essentials Foundation delivered across the UK.
Challenge: A 25-person SaaS company needed Cyber Essentials Plus to win a public sector contract but had never held any certification and did not know where to start.
Outcome: IP Four scoped the assessment, remediated three control gaps, completed the questionnaire, and secured the Cyber Essentials certificate within three weeks, ready for the CE Plus audit.
Challenge: A consulting firm had attempted the self-assessment independently but failed due to incomplete evidence for the user access control and patch management controls.
Outcome: IP Four reviewed the failed submission, closed the evidence gaps, and resubmitted successfully. The certificate was issued within five working days of re-engagement.
Challenge: An NHS supply chain company needed both Cyber Essentials and Cyber Essentials Plus before a contract renewal deadline of six weeks.
Outcome: IP Four ran the foundation and Plus preparation in parallel, securing the Cyber Essentials certificate in week two and completing the technical audit in week five, ahead of the deadline.
Start your Cyber Essentials Foundation and unlock CE Plus.
We begin with a free gap review against all five controls. You will know exactly what needs to change before we submit anything. No surprises, no failed attempts.