CYBER ADVISOR (CYBER ESSENTIALS) SCHEME
The Cyber Advisor (Cyber Essentials) scheme is a new initiative to help businesses find an assured and trusted cyber security consultant that is approved by the National Cyber Security Centre (NCSC). A licensed Cyber Advisor (Cyber Essentials) will be someone who has the knowledge and skills to advise and implement the Cyber Essentials controls in organisations of all types and sizes.
The interdependent partnership of Cyber Advisor (Cyber Essentials) with Assured Service Provider (ASP)
All Cyber Advisors (Cyber Essentials) are required to be part of licensed supplier company or consultancy called an Assured Service Provider (ASP).
To become an ASP, you will need at least one person, employed or contracted, as a Cyber Advisor (Cyber Essentials). Equally, a Cyber Advisor (Cyber Essentials) can only conduct engagements if employed by, or contracted to, an ASP. Both the ASP and the Cyber Advisor (Cyber Essentials) must be based in the UK or Crown Dependencies.
Cyber Advisor (Cyber Essentials) requirements:
Step 1: The prospective Cyber Advisor (Cyber Essentials) must first pass the NCSC’s Cyber Advisor (Cyber Essentials) exam.
The exam is delivered by Cyber Scheme. You can find details and costs on their website https://thecyberscheme.org/cyber-advisor/
Please also see:
Cyber Advisor Assessment Criteria: https://thecyberscheme.org/cyber-advisor-assessment-criteria/
Cyber Advisor Applicant Guide: https://thecyberscheme.org/cyber-advisor-supporting-notes/
Cyber Advisor: Prepare For Success: https://thecyberscheme.org/cyber-advisor-assessment-support/
Step 2: The Assured Service Provider (ASP) requirements (see below) will need to be confirmed.
Step 3: The prospective Cyber Advisor (Cyber Essentials) will need to go on a Cyber Advisor (Cyber Essentials) Induction Course.
(The cost of this course is included in the £250.00 Assured Service Provider on-boarding fee.)
Assured Service Provider requirements:
All Assured Service Providers will need to meet both security and quality requirements.
They can do this by holding one of the following security qualifications:
- Achieving UKAS accredited ISO 27001 certification
- Achieving IASME Cyber Assurance Level 2
And one of the following quality certifications:
- Achieving UKAS accredited ISO 9001 certification
- Achieving the IASME Quality Principles alongside part of a successful IASME Cyber Assurance Level 2 certification
- Achieving a QG Quality Fundamentals+ certification
The Assured Service Provider will also need to hold and maintain certification to Cyber Essentials (basic).
Summary of costs:
| Item | Cost | Cost Includes |
|---|---|---|
| Annual License Fee for Assured Service Provider | £600 | Audit costs and assessor support costs (CB meetings, Yammer, webinars and phone support, ongoing promotion of the scheme) |
| On-Boarding fee per Cyber Advisor (Cyber Essentials) | £250 | Induction training and the administration required. |
| Annual fee per Cyber Advisor (Cyber Essentials) | £250 | Ongoing admin, marketing and support from ISAME's technical and customer service teams. |
For a detailed guide on what a Cyber Advisor is and how to become one check out our guide here
Fore more information on course details click here.