On the 1st April 2020, NCSC the government agency responsible for the Cyber Essentials Scheme re-launched the scheme.
As part of the changes instead of a certification body, such as Kalamunda Consulting Ltd, having the option to work under the auspices of one of a number of Accreditation Bodies the delivery of the Cyber Essentials scheme changed and certification bodies now have to be licensed by the IASME Consortium now the single Cyber Essentials Partner with the NCSC.
If you have previously achieved certification to Cyber Essentials through Kalamunda Consulting Ltd, you will notice some differences in the way your re-certification is conducted.
Although the fundamental requirements of the Cyber Essentials scheme (the five technical control) will remain the same all certifications will now be evaluated using the IASME question set and assessment guidelines using the IASME Cyber Essentials Evaluation Portal.
Wheras under the previous scheme Kalamunda Consulting clients self-registered on the assessment web-site, completed the questionnaire on-line and then paid at the time of submission the Cyber Essentials 2020 requires us to create your user account from details you provide us and collect payment from you at the time of registration. We are however able to provide you with a self assessment questionnaire which you can complete, free of charge, prior to registration.
Other differences are that:
1. All staff-owned devices will need to be included in the scope of your assessment if they access your business data, including email.
2. Any servers that are connected to internet will need to be included within the scope of your assessment.
For more details on the reasons behind the change to a sole Cyber Essentials Partner, please see the following blogs: