Cyber Essentials Plus has the same as requirements of Cyber Essentials with the critical difference that it requires an independent assessment
of your security controls, to verify that you have
the technical security controls in place.
Cyber Essentials plus
Cyber Essentials Plus is an audited scheme.
In addition to providing satisfactory answers to the questions in the Cyber Essentials Scheme,
your organisation will be evaluated against a test specification set out by the National Cyber Security Centre.
For this, the external network is tested (Penetration Testing, Ports, Services), including looking at basic web application scanning for common vulnerabilities (Penetration testing / Vulnerability Scanning).
The internal systems are also tested (mainly e-mail).
If all are correct, Forti5 technologies make a recommendation to IASME
to issue the Cyber Essentials Plus certificate and insurance.