Prepare for Cyber Essentials certification with confidence.
We help you identify potential gaps before the assessment process begins, then guide you through to Cyber Essentials and Cyber Essentials Plus certification — practical, proportionate support for UK organisations.
Start with a free readiness review, so you have a clear picture before you decide how to proceed.
Organisations that trust A Jolly Consulting
A common starting point
Many organisations identify gaps only once the assessment process begins.
Unsure which cloud services are actually in scope.
Relying on an IT provider, but the position has never been verified.
Started the self-assessment, then paused on the first section.
A client has requested a certificate that isn’t yet in place.
Why it matters
Cyber Essentials has become a widely expected standard for doing business.
It is increasingly requested across government, regulated industries and professional-services supply chains. Putting the core controls in place also helps protect the operations and reputation you have built.
Increasingly, buyers and partners expect to see a current Cyber Essentials certificate as part of their supplier due diligence.
The process
A clear, three-step process.
We help you prepare thoroughly, so you can approach assessment with confidence and a clear understanding of each step.
Free readiness review
A short call to understand where you are today. We identify potential gaps and explain what certification will involve — before you decide how to proceed.
Address the gaps
We guide you through what needs attention — MFA, device management, cloud scope, firewall configuration — and review your evidence as you go.
Complete certification
We coordinate with the certification body and support your submission. Cyber Essentials is a verified self-assessment; Cyber Essentials Plus adds an independent technical audit.
Why certify
Six reasons certification is worthwhile.
Approached properly, Cyber Essentials does more than meet a requirement — it reduces real risk and can open new opportunities.
Protection against common threats
Helps defend against the majority of everyday attacks — phishing, malware and opportunistic intrusion — before they cause disruption.
Customer & stakeholder trust
Demonstrates to clients, partners and investors that you take security seriously, and provides clear evidence of your controls.
Regulatory alignment
Supports GDPR, ISO 27001 and related standards by putting the core controls regulators expect already in place.
Access to more opportunities
Often a minimum requirement for public-sector contracts and supply chains, where certification can be a condition of being considered.
Cyber insurance advantages
Some insurers offer certified organisations better terms, and UK-domiciled SMEs under £20m turnover can opt into included cover.
Greater internal awareness
The process raises security awareness across your team, supporting better password, access and phishing habits day to day.
Your options
Choose the level of support that suits you.
Every route begins with a free readiness review. The difference is how much support you would like alongside it.
Readiness review
Free
30-minute call
- Understand where your gaps may be
- See what certification involves
- Get a clear view of cost and timeline
- No obligation to proceed
A clear, practical assessment.
Cyber Essentials
Tailored
verified self-assessment
- Free readiness review before you commit
- Self-assessment guided throughout
- Potential gaps identified and explained
- Submission supported on your behalf
Begins with a free readiness review.
Cyber Essentials Plus
Tailored
includes independent technical audit
- Independent technical verification included
- Devices, cloud services & access tested
- Gaps addressed ahead of the audit
- Recognised by government and regulated buyers
We help you prepare thoroughly before submission.
Why early preparation matters
Cyber Essentials is increasingly expected across UK professional services, public-sector supply chains and regulated industries. Because the certificate is valid for 12 months and preparation takes a little time, starting early gives you room to address any gaps without pressure. A free readiness review is a straightforward first step.
Common questions
Questions we are often asked.
Clear answers to common questions about the process.
Yes — Cyber Essentials was designed with smaller organisations in mind. The questions are built around typical SME setups rather than enterprise IT departments. If your team uses email, cloud applications and laptops, the scheme applies to you.
Keeping systems running is not quite the same as being certification-ready. It is common to find areas that have not been picked up — unmanaged personal devices, cloud tools that were not in scope, or admin accounts without MFA. We work alongside your IT provider, focusing specifically on certification readiness.
Typically not a great deal. Much of the work happens in the background, and we generally need a few hours from someone who knows your systems, spread across the process. The readiness review itself is a single call.
Cyber Essentials is a verified self-assessment reviewed by a certification body. Cyber Essentials Plus uses the same requirements but adds an independent, hands-on technical audit of your devices, cloud services and access — the higher level of assurance many government and regulated buyers ask for.
We will let you know during the initial review. Some organisations benefit from a short period of preparation first. Our aim is to help you submit when you are well prepared, rather than before.
UK-domiciled organisations with turnover under £20m can opt into included cyber insurance when they achieve whole-organisation Cyber Essentials, at no additional cost. We can explain how it works and whether it suits you during the review.
Book your free readiness review
A 30-minute call to understand where you stand and what certification would involve. No obligation to proceed.
Guidance, Protection, Peace of Mind.

