Consulting

Cyber Essentials Readiness for UK SMEs

Practical support to help you get ready before you apply. We review your setup against the Cyber Essentials controls, identify the gaps, and give you a clear remediation plan your team can actually work through.

This is a readiness service, not a certification body. The goal is to reduce failed assessments, avoid last-minute surprises, and help you approach certification with evidence and confidence.

From £495 + VAT SME-focused Certification fee separate
Book a Discovery Call See What's Included

Best Fit For

  • ✓ SMEs bidding for contracts that require Cyber Essentials
  • ✓ Teams with Microsoft 365, remote workers, and mixed devices
  • ✓ Businesses unsure whether their controls meet the question set
  • ✓ Companies that want practical help, not generic policy PDFs

Where Most Businesses Get Stuck

Access Control

Shared admin accounts, weak joiner-leaver processes, and missing MFA on key systems.

Secure Configuration

Default settings left in place, unmanaged laptops, and unclear hardening standards.

Patch Hygiene

No reliable patching routine, unsupported software, or uncertainty around update evidence.

Evidence

Controls may exist, but nobody has mapped them clearly to the assessment questions.

What The Service Includes

Focused, practical support designed to get you assessment-ready

1. Readiness Gap Assessment

We walk through your current environment, user setup, devices, cloud services, patching approach, and security controls against the Cyber Essentials question areas.

Output: a clear traffic-light view of what is ready, what is risky, and what needs fixing first.

2. Prioritised Remediation Plan

We turn the findings into a step-by-step action list with practical fixes, owners, and a sensible order of work so your team can move quickly.

Output: a remediation roadmap instead of a generic compliance report.

3. Policy And Process Review

We review the policies and internal processes that support the answers you intend to give, especially around access control, patching, software use, and device management.

Output: leaner, usable documentation that matches what the business actually does.

4. Pre-Submission Review

Before you apply, we sense-check your responses and supporting evidence so there are fewer avoidable errors or ambiguous answers.

Output: a cleaner submission with fewer surprises during assessment.

Typical Deliverables

  • ✓ Cyber Essentials readiness report
  • ✓ Prioritised remediation tracker
  • ✓ Evidence checklist for key answers
  • ✓ Policy and wording feedback
  • ✓ Practical guidance for Microsoft 365 and endpoint basics
  • ✓ Pre-submission review call

Official Certification Fees

The Cyber Essentials certification fee is separate from consulting support

Micro

£320 + VAT

0-9 employees

Small

£440 + VAT

10-49 employees

Medium

£500 + VAT

50-249 employees

Large

£600 + VAT

250+ employees

Certification fees are set by IASME and subject to change. Cyber Essentials Plus is quoted separately by certification bodies and depends on the size and complexity of your environment. Check iasme.co.uk for current rates.

Readiness Consulting Pricing

Diagnostic Review

£495 + VAT

Standalone Diagnostic

A focused assessment of where you stand against the Cyber Essentials controls, with a clear action list. No ongoing commitment required.

  • ✓ 60-90 minute discovery call
  • ✓ Question-set walkthrough
  • ✓ Traffic-light gap assessment
  • ✓ Prioritised action plan
  • ✓ Follow-up recommendations email

Readiness Partner

£1,250 + VAT

Most Practical

Assessment, action plan, and follow-up support while you close gaps and prepare your submission.

  • ✓ Everything in Diagnostic Review
  • ✓ Policy and controls review
  • ✓ Remediation workshop with your team
  • ✓ Evidence and answer sense-check
  • ✓ Pre-submission review call

Readiness Sprint

£2,400 + VAT

Fast-Track

For larger SMEs, tighter deadlines, or more moving parts across Microsoft 365, endpoints, remote access, and internal ownership.

  • ✓ Everything in Readiness Partner
  • ✓ Up to 3 implementation sessions
  • ✓ Priority turnaround over 2-4 weeks
  • ✓ Draft response review
  • ✓ Assessor-ready handover pack

These prices are for readiness consulting only. Official Cyber Essentials certification fees and any Cyber Essentials Plus audit fees are separate.

Preparing for Cyber Essentials Plus?

Plus requires a hands-on technical audit by the certification body. Preparation is more involved.

Cyber Essentials Plus goes beyond the self-assessment questionnaire. The certification body will verify your controls technically, testing firewall rules, patching, configuration, and access controls on representative devices.

If you are targeting Plus, the preparation scope is wider: evidence needs to be tighter, device coverage needs to be confirmed, and any gaps found during the technical audit can delay or fail the certification.

We scope Plus readiness work separately. If you know you need Plus, for example because a client or contract requires it, get in touch and we will quote for your environment.

Why Work With Us

SydSec is a specialist consultancy focused on practical security outcomes for UK SMEs. Cyber Essentials readiness is a core part of what we do, not an add-on service.

Our background includes Cisco CCNA certifications across enterprise networking, security, and automation, Cisco DevNet Associate, and a BSc in Cyber Security with The Open University. We work with the Cyber Essentials question set directly, not from a generic checklist.

  • ✓ CCNA Security
  • ✓ CCNA Enterprise Networking & Automation
  • ✓ Cisco DevNet Associate
  • ✓ BSc Cyber Security (Open University)
  • ✓ Credly verified badges

Get Certified-Ready

Start with a free 20-minute discovery call. We will tell you where you stand and what needs to happen before you apply.

Book a Discovery Call General Enquiry