
Technical Assistance with Cyber Essentials Plus and ISO 27001

Posted by Neil Elton on December 26, 2022

The Challenge:  

Your company passed Cyber Essentials. You have self-certified your cybersecurity credentials. How can you independently verify your company meets industry standards for cybersecurity and your Information Security Management System (ISMS) is compliant?  

How do you stand out as a company that focuses on cybersecurity compliance?    

The Solution:  

The United Kingdom Government’s Department for Digital, Culture, Media & Sport’s Cyber Security Breaches Survey 2021 confirms only 1% of organisations recognise adherence to Cyber Essentials Plus standards with only 7% adhering to ISO 27001.   

When you register for a Cyber Essentials Plus assessment, a highly trained assessor checks whether all the controls you self-declared in your Cyber Essentials certification have been implemented.

The Cyber Essentials Plus audit process involves the assessor:   

  • selecting a sample of your devices and auditing whether they are configured in line with the criteria.
  • performing a vulnerability scan to check that all basic configurations and patching are acceptable.
  • conducting an external port scan of your internet-facing IP addresses for any misconfigurations and vulnerabilities.
  • testing your default email and internet browser configurations to see whether they can prevent cyber criminals from executing fake malicious files.
  • providing 30 days for you to remedy any issues they identify.  

ISO/IEC 27001 Information Security Management provides the requirements for your Information Security Management System (ISMS), helping your company manage the security of your employees’ data and any client information.

Under ISO/IEC 27001:2013, your Information Security Management System (ISMS) is integrated into your processes and management structure, with information security considered in the design of every process, information system and control, scaled to your needs.

The Outcome:  

You can independently demonstrate you are compliant with cybersecurity industry standards.  


Call Chalkline today on 020 3819 3300, or review our IT Security Packages for SMBs page and book a meeting with us. We can help with all elements of cyber hygiene and answer any questions you might have.