Certification Bodies

With cybercrime increasing, more organizations are looking for mitigation measures to help protect their IP, data and overall business. Cyber Essentials is a set of best practices and standards that are used to help mitigate up to 80% of common internet threats. By obtaining Cyber Essentials (CE) or Cyber Essentials Plus (CE+) certification, you not only obtain more knowledge to protect your business, but you also get badging that demonstrates to existing and future customers, as well as supply chain management, that you take your cybersecurity seriously.

To obtain your certification you must successfully complete the process using The Cyber Highway and then work with a Certification Body to audit your work. Cyber Essentials (basic) certification requires online audit by the Certification Body, whereas Cyber Essentials + requires an audit and onsite visit for verification.

Did you know
45% of businesses identified that cyberattacks had increased over a year ago. ICTC, Aug 2016

What are Certification Bodies?

Certification Bodies are made up of companies that have successfully completed the Cyber Essentials Plus Certification process. Their role is to create and maintain high standards within the technical information security industry, and to drive a consistency of quality across its member organizations.

Any organization that is leveraging Cyber Essentials Canada services can therefore rest assured that Cyber Essentials Certification Bodies have:

  • Demonstrated appropriate levels of quality assurance processes, security controls, security assessment methodologies and met additional qualification criteria;
  • Signed a Code of Conduct;
  • Proven access to technically competent and qualified staff; and
  • Committed to abiding to the requirements of Certification Bodies for Cyber Essentials.

Certification Bodies

In Canada, the following companies are current and active.

How to Become a Certification Body

A Certification Body is a company that has successfully completed the rigorous CE accreditation process. This qualifies Certification Bodies to assess other organizations against the CE Canada Certification. A company can only become a Certification Body if it meets the stringent requirements which include passing the CE+ tests and prove that they have access to one or more individuals that hold the required Cyber Essentials assessors’ qualifications. To qualify, companies need to have:

  • Demonstrated appropriate levels of quality assurance processes, security controls, security assessment methodologies and met additional qualification criteria
  • Signed a Code of Conduct
  • Proven access to technically competent and qualified staff
  • Committed to adhering to the requirements of Certification Bodies for Cyber Essentials.

Organizations that are considering becoming a Certification Body should contact us to start the process. Upon successful accreditation as a Certification Body, an organization will be given access to information covering:

  • Training by the Cyber Essentials Canada Team
  • The tests to be undertaken
  • The content of test reports
  • Guidance on the functionality for some common tools
  • The criteria for granting certification
  • The content of certificates

In addition to the Cyber Essentials certification services, Cyber Essentials Certification Bodies provide a range of services to help organizations better manage their cybersecurity risks. These services may include:

  • Penetration testing
  • Security audit and compliance
  • Security policy
  • Security architecture
  • Cyber security incident response

Did you know?
Big businesses are not the main target for cybercrime. 77% of cybercrime is targeted at small and medium enterprise.

To learn more about CyberNB, Cyber Essentials or how to become a Certification BodyContact Us

Looking for more information on Certification and Cybersecurity Updates?