Independent technical audit of your controls - proving your Cyber Essentials answers stand up in the real world and giving customers extra confidence.
Get Cyber Essentials certified - quickly and confidently
Whether you need help getting ready, completing your assessment, or staying compliant year-round, our accredited team guides you end-to-end.
Cyber Essentials: the baseline every organisation should have
It’s the first step to securing your organisation against the most common threats – and it shows customers you take cyber seriously. When you need stronger assurance, Cyber Essentials Plus adds an independent audit of your controls. Wanstor helps you get there with practical support – gap analysis, policy alignment, scanning, and mock audit prep – all designed to strengthen security without disrupting day‑to‑day work.
The Cyber Essentials Scheme
Cyber Essentials is an effective scheme backed by the UK government involving an audit built around five basic technical controls, specifically designed to prevent the most common cyber-attacks. Organisations that are Cyber Essentials certified can demonstrate and reassure customers that they are serious about cyber security and safeguarding the integrity of their clients’ data.
Cyber Essentials Consultancy Services
Wanstor’s Cyber Essentials Consultancy packages help you to align your organisations security posture to a Cyber Essentials standard. We offer assessment and advisory services to help you swiftly align your existing policies and controls with the Cyber Essentials standard or detailed technical discovery for those organisations that are unsure of their existing security posture.
Gap Analysis: Cyber Essentials
Best for: When you manage security internally but want expert guidance before submitting.
£1000
- flat fee
- a consultant-led workshop through the CE controls and question set
- a gap analysis
- remediation plan (based on workshop inputs)
- Output: Gap report + remediation plan.
Gap Analysis: Cyber Essentials Plus
Best for: When you want validation of policies and devices before CE+ assessment.
£3150
- flat fee
- workshop through the CE question set + policy review
- vulnerability scanning (up to 20 external IPs and 250 internal hosts)
- a mock audit of a device sample and a remediation plan
- Output: Gap report + vulnerability report + remediation plan.
Consult & Discovery
Best for: When you need a complete picture of your current posture and technical verification.
- workshop + deeper technical discovery (controls review like GPO/Intune/MFA)
- network scanning/asset discovery
- AV/malware status review
- boundary access rule review
- SaaS discovery methodology
| Consultancy | Gap Analysis: Cyber Essentials I wish to confirm that my answers meet the CE requirements before assessment |
Gap Analysis: Cyber Essentials Plus I wish to confirm my policies and devices meet CE+ requirements before assessment |
Consult & Discovery I’m unsure of my security posture and want my organisation to be reviewed against CE controls |
|---|---|---|---|
| Question Set Consultancy Q&A of Cyber Essentials Question Set with a Cyber Essentials qualified Security Professional |
|||
| Policy Consultancy Review of your written policy controls and verification that they apply to the Cyber Essentials assessment criteria |
|||
| Threat & Vulnerability Scan Threat and Vulnerability scan of your network with suggested remediation action for each item |
Up to 20 External IP addresses and up to 250 assets | ||
| Cyber Essentials Plus Sample Audit Conduct a mock audit of a sample of devices against the controls for Cyber Essentials Plus. Up to 15 devices |
|||
| Environment Review Collection of data from your environment to answer questions about its current state for End User Devices, Network Devices and Technical Controls |
|||
| Report A detailed report on Gaps to be closed against the Cyber Essentials standard including a detailed remediation plan |
|||
| Price | £1,000 | £3,150 | Get a quote |
Additional Services
Intensive remediation scoped on per project basis.
Managed Security Service available, scoped separately.
Cyber Essentials Assessment
Ongoing compliance support.
Cyber Essentials Assessment
I want to apply for the Cyber Essentials Certificate
- Cyber Essentials Assessment**
Cyber Essentials Assessment Advice
I want a little help with my assessment
£450
- flat fee
- Assessment Consultancy
Cyber Essentials Plus Assessment
I want to apply for the Cyber Essentials Plus Certificate
- Environment Review
| Cyber Essentials – I want to apply | Cyber Essentials – I need help with my assessment | Cyber Essentials Plus Assessment – I want to apply | |
|---|---|---|---|
| Cyber Essentials Assessment** Creation of Applicant in the IASME Portal, Assessment of answers provided against the Cyber Essentials Standard and Issue of the certificate (if successful) |
|||
| Cyber Essentials Plus Audit Audit and report to governing body against the Cyber Essentials Plus criteria |
|||
| Assessment Consultancy Before submission an assessor is going toreview your assessment and provide feedback via email |
|||
| Price | Price based on Org Size: 0-9 Employees £350 10-49 Employees £470 50-249 Employees £590 250+ Employees £700 |
Fixed Cost £450 | Price based on Org Size: 0-9 Employees. £1,600 10-49 Employee. £2,100 50-249 Employees £2,500 250+ Employees £3,100 |
**IASME will always require an audit to be performed by a certification body in addition to their certification charges. We are a certification body for IASME and can undertake this audit for you. Our Accreditation Price is for a IASME audit, and certification.
Managed Cyber Essential Services
Once certification has been achieved, we recommend keeping your cyber security posture maintained to this standard by using our Managed Cyber Essentials service. Our team of security experts will manage, report on and remediate any technical issues – enabling you to protect your business and ensure your annual re-certification is trouble-free.
Prerequisites
- Initial compliance audit against Cyber Essentials requirements
- Remediation of known vulnerabilities/configuration issues
- Onboarding uplift may apply to bring an environment up to standard
What we do
- Combine baseline service data with additional monthly checks to provide a monthly overview of your posture
- Provide monthly reporting with an action tracker (admin accounts, secure configuration, firewall status, GPO/Intune policy state reviews)
What you still own
Your organisation retains responsibility for parts of the standard that fall outside the managed service scope (e.g., organisation, scope of assessment, insurance, password-based authentication).
Ready to get Cyber Essentials (or Plus) done properly?
Whether you need a quick assessment or full support to close gaps, Wanstor helps you certify with confidence - from consultancy and scanning to CE+ audit and remediation.
Get in touch
"Catch22 is now CE+ certified, thanks to Wanstor and its incredible UK Cyber Essentials team for guiding, assisting and working with us to the tightest of deadlines. The team have all gone above and beyond to keep Catch22 on track and get us over the line."
Catch22
Our Cyber Security Certifications
Cyber Essentials Plus
IASME Cyber Assurance
A flexible, affordable route to cyber resilience that demonstrates meaningful cyber security and data protection controls - available as Level 1 (verified assessment) and Level 2 (audited).
ISO/IEC 27001
The global gold standard for information security management - showing we run a structured, risk‑based ISMS to protect the confidentiality, integrity and availability of information.