That’s a ‘how long is a piece of string question’! It depends on how quickly your organisation can gather the information needed and how close you are now to complying with the basic requirements of the standard. In Principal, it could be completed within 2 working days, but some organisations take months to gather the information and become compliant.
I would expect to mark the certification within 2 working days of submission.
Frequently Asked Questions
- Certification
- GDPR
- Toolbox and packs
- Workshops and Education
- Consultancy
- About Whitgift Security
What are the common Questions about Certifications? |
Q1
How long does it take to get a certificate? |
Q2
What is the self-assessment questionnaire?Both Cyber Essentials and IASME Governance – industry-respected certifications – rely on the marking of a self-assessment questionnaire to be filled in by the organisation. |
Q3
What is the process to get Cyber Essentials or IASME Governance certificates?The organisation answers questions about how security is managed within their organisation. The answers are submitted via a cloud-based portal. |
Q4
What happens if I fail Cyber Essentials certification?There are a number of reasons why organisations may fail – maybe there is simply insufficient information in the responses, or it may be that the organisation’s security is not up to standard. |
Q5
What happens if I fail IASME Governance certification?See previous answer. |
Q6
How long are certificates valid for?The Cyber Essentials certificate has no formal expiry date, however you are recommended to update certification yearly. IASME Governance certificates are valid for 1 year. |
Q7
Why would I want Cyber Essentials Plus or IASME Governance Audited?These certificates are verified by an independent auditor, providing further proof that you are following the requirements of your chosen standard. Some organisations may require their supply chain to have an audited certificate to comply with their risk assessments. |
Q8
Is there a timescale that Cyber Essentials Plus or IASME Governance Audited have to be completed?Yes. You need to complete Cyber Essentials Plus or IASME Governance Audited within 3 months of having achieved Cyber Essentials/IASME Governance self-assessment. |
Q9
Can I go straight to the audited level?No you must pass Cyber Essentials or IASME Governance self-assessment before you start on the audited level. |
Q10
Someone wants me to have a vulnerability scan. What is it?A vulnerability scan is a technical audit of the systems that are in scope for Cyber Essentials. |
Q11
Do I need a vulnerability scan for Cyber Essentials?For Cyber Essentials a vulnerability scan is not required although other ‘Accreditation Bodies’ may require and charge for such a scan. However, this is not required by the Government and certification through IASME, without a vulnerability scan, is just as valid a Cyber Essentials assessment as any other. |
Q12
Where can I use the certificate?You can use your certificate on websites and on publicity material. There are guidelines you have to follow when using the branding. |
Q13
Can anyone check that I have a certificate? |
What are the common Questions about GDPR, Toolboxes & Packs? |
Q14
What is GDPR?General Data Protection Regulation (GDPR) is a new law that protects EU citizens’ personal data. |
Q15
Does my organisation have to worry about GDPR?Probably. Businesses, charities, sole traders, start ups – any operation holding personal data or offering services or goods to people or businesses in the EU is required to comply. |
Q16
Can I see a sample of the documents in the toolbox?Yes, contact us, and we can discuss your requirements and send you an example. |
Q17
Can I pick and choose documents from the document packs?Contact us for a discussion about your requirements. |
Q18
Can the documents be used in support of compliance with other data privacy legislation?Documentation packs and toolbox could be used in preparation for compliance with privacy legislation with similar underlying principles to GDPR. |
What are the common Questions about Workshops and Training? |
Q19
Where do you run workshops?There are currently no public workshops planned. If you are interested in a public session contact us to express interest. |
Q20
Can you create me a customised workshop?All workshops are customisable to meet an organisation’s specific needs. |
Q21
How many people will attend workshops and training sessions?I would recommend that the optimal size for a workshop is 10-12 people, or for training session 15-20. This gives an opportunity for all to be involved in discussions with the ability to cover questions of interest to the participants. |
Q22
Who are the Workshops intended for?The Workshops are intended for leadership and management teams, so that they understand issues and the things they need to think about for their organisation’s security. |
What are the common Questions about Consultancy? |
Q23
Do I have to choose one of the defined services?No. We can be very flexible in supporting your needs. Call us for a conversation about how we can help. |
Q24
Will you come to us?Probably. It depends on location, and the level of consultancy that you need. Call. |
Q25
Can I ask for Whitgift Security to solve a one-off problem?Yes, we would be happy to do that. |
What are the common Questions about Whitgift Security? |
Q26
How will you use/store/share my data?Please see our Privacy Statement and Terms and Conditions, and/or contact us. Link to Privacy Notice and T&C |