Procurement Policy Note 09/14: Cyber Essentials scheme certification
This note explains how to use the Cyber Essentials scheme, which aims to reduce cyber security risk in government supply chains.
The government is taking steps to further reduce the levels of cyber security risk in its supply chain through the Cyber Essentials scheme. The scheme defines a set of controls which, when properly implemented, will provide organisations with basic protection from the most prevalent forms of threat coming from the internet. There are 2 levels of certification: Cyber Essentials and Cyber Essentials Plus.
Cyber Essentials is for all organisations of all sizes, and in all sectors. We are making the scheme mandatory for central government contracts advertised after 1 October 2014 which involve handling personal information and providing certain ICT products and services.