Certification, made simple.

Cyber Essentials. Cyber Essentials Plus. ISO 27001. GDPR. We turn the standards into a project plan, fix what doesn’t pass, and certify you on time, on budget.

Frameworks we support

One partner, every standard.

We help UK businesses certify and stay certified β€” without the consultancy bill shock.

βœ…

Cyber Essentials

Self-assessment certification β€” fixed-price, fully managed. Often a procurement must-have.

πŸ…

Cyber Essentials Plus

On-site verification by a CREST-aligned assessor. We remediate, then certify.

πŸ“˜

ISO 27001:2022

Gap analysis, ISMS build, policies, evidence and audit support β€” staged for SMEs.

🩺

NHS DSPT

Data Security & Protection Toolkit for healthcare providers. Year-on-year support.

βš–οΈ

GDPR / DPA 2018

Records of processing, DPIAs, breach plans, vendor due diligence β€” all the artefacts.

πŸ‡ͺπŸ‡Ί

NIS2 / DORA

For regulated firms touching EU markets β€” readiness and ongoing assurance.

Cyber Essentials Plus

CE Plus β€” pass first time, every time.

We have certified hundreds of UK businesses, including many that had failed elsewhere first. Our pre-flight audit catches everything before the official assessor walks in.

  • βœ“
    Pre-flight auditMirror of the official test β€” we find every issue first.
  • βœ“
    Remediation includedWe fix what fails β€” patching, MFA, browser config, malware protection.
  • βœ“
    On-site assessmentConducted by IASME-licensed Certification Body partners.
  • βœ“
    Certificate & marketing packLogo, badge, certificate β€” useful for tenders the same week.
  • βœ“
    12-month maintenanceWe keep your fleet compliant year-round β€” no rush before renewal.
Firstnet Portal
Standards

Documentation we deliver

Policies & procedures

  • βœ“
    Information Security Policy
  • βœ“
    Acceptable Use Policy
  • βœ“
    Access Control Policy
  • βœ“
    Asset Management Policy
  • βœ“
    Incident Response Plan
  • βœ“
    Supplier Security Policy

Operational artefacts

  • βœ“
    Risk register & treatment plan
  • βœ“
    Asset & supplier register
  • βœ“
    Records of Processing (GDPR)
  • βœ“
    Statement of Applicability (ISO 27001)
  • βœ“
    Vulnerability management evidence
  • βœ“
    Audit logs and access reviews
FAQ

Frequently asked questions

How long does Cyber Essentials take?

Most clients are certified in 4–6 weeks from kick-off β€” sometimes less if your environment is in good shape.

How much does ISO 27001 cost?

Cost scales with company size and scope. We deliver in 3 stages β€” gap analysis, ISMS build, audit β€” with fixed-price per stage.

Can you do the audit yourself?

For ISO 27001, no β€” that has to be a UKAS-accredited body. We prepare you fully and walk you through every stage of the audit.

Do you maintain compliance after certification?

Yes β€” our managed service keeps evidence current, so the next year’s audit isn’t a fire drill.

Ready to take IT off your plate?

Free, no-pressure scoping call with a Firstnet Direct specialist.

Book a free call πŸ“ž 01827 218300