United Kingdom Cyber Essentials PLUS

UK Cyber Essentials PLUS overview

Cyber Essentials is a UK government-backed scheme designed to help organizations assess and mitigate risks from common cyber security threats to their IT systems. The Cyber Essentials scheme is a cyber security standard that identifies security controls for an organization to have in place within their IT systems. Cyber Essentials scheme is a requirement for all UK government suppliers handling any personal data. The Cyber Essentials badge helps an organization demonstrate the ability to:

  • Identify potential risks to help organizations better protect against common cyber threats.
  • Demonstrate an organization has adopted the proper security controls to protect customer data.
  • Become compliant with UK government expectations for Cyber Security Essential requirements and eligible to bid for UK government contracts.

The Cyber Essentials scheme is designed for UK government suppliers to identify potential weaknesses in their IT systems and software that could exploit customer data. The methodology has defined two different levels of certification:

  • Cyber Essentials is the first level and includes a self-assessment for organizations to check the most important IT security controls of their IT infrastructure. The responses are independently reviewed by an external certifying body.
  • Cyber Essentials PLUS offers the same controls coverage as Cyber Essentials and also includes additional assurance by carrying out systems tests of implemented controls through an authorized third-party certifying body.

Microsoft and UK Cyber Essentials PLUS

Microsoft Azure has attained Cyber Essentials PLUS badge and meets the requirements outlined in the Cyber Essentials Scheme. Azure production systems are frequently tested and audited to provide evidence of a world-leading compliance portfolio.

The Azure Cyber Essentials PLUS certification, which applies to our global operation of Azure, is available for download.

Audits, reports, and certificates

Use Microsoft Compliance Manager to assess your risk

Microsoft Compliance Manager is a feature in the Microsoft 365 compliance center to help you understand your organization's compliance posture and take actions to help reduce risks. Compliance Manager offers a premium template for building an assessment for this regulation. Find the template in the assessment templates page in Compliance Manager. Learn how to build assessments in Compliance Manager.

Resources