Once a decision has been reached to proceed with a Cyber Essentials certification a Certifying Body needs to be appointed. An organisation has a number of suppliers that they can select. Value can be gained by appointing a supplier who is certified and possess accredited consultants as it is the combination of these features that will provide an organisation with the greatest assurance and confidence that an effective assessment has been performed in the most professional manner.
CREST member companies are ideally placed to help an organisation hire a supplier who meets these requirements, and those of the Cyber Essentials scheme. By appointing a CREST member company, an organisation can rest assured that they are procuring cyber security services from a trusted, certified external company that employs professional, ethical and highly technically competent individuals. This takes away much of the stress in validating the competence of the cyber security assessors and almost certainly ensures a faster route to certification.
An organisation can access certified suppliers via the CREST website where brief profiles on each are held along with links to their websites. After evaluating the suppliers an organisation can then make their selection and move to formally appoint. An organisation should make sure that their chosen supplier/s not only meets the specific requirements of the Cyber Essentials scheme but for future assessments.
CREST member companies providing Cyber Essentials services can be found here.
A Guide for the Cyber Essentials scheme can be downloaded here.