IASME has tightened the Cyber Essentials Plus assessment rules. You can't solve this with a spreadsheet and a one-off scan anymore.
Fail the first sample, and the assessor pulls a second sample from different devices. Fail the second with the same vulnerabilities and CE+ is denied — and your CE Basic certificate is revoked.
Critical and high CVEs must be patched within 14 days of release. No exceptions, no grace period, no "next maintenance window". Your patching has to be continuous.
The following are NOT approved for CE Plus scans: Microsoft Defender / Windows Security, Sophos built-in scanner, RMM scanners (ConnectWise, Datto, NinjaOne), and any antivirus "vulnerability scan" feature. Only Cyber Essentials authorised scanners approved by NCSC qualify.
~97–98% of UK SMEs don't have CE-compliant scanning and patching in place today. CE+ Assured fixes the whole stack in one subscription.
Prices are ex VAT. Monthly subscription. Cancel anytime. Device counts are indicative — talk to us for your exact quote.
All prices ex VAT. Device counts are assumptions for comparison; your exact monthly total is based on the actual devices enrolled. Contact us for a quote.
Everything you need to scan, patch, and certify — in one subscription.
Cyber Essentials authorised vulnerability scanners approved by NCSC, running on every device, every day. Not Microsoft Defender, not Sophos built-ins, not RMM scanners, not any antivirus "vulnerability scan" feature.
Critical and high CVEs patched inside Danzell v3.3's 14-day window, automatically. No manual tickets, no missed updates, no emergency weekends.
We handle the entire annual self-assessment. Your certificate is renewed on schedule — the cost is already in your monthly subscription.
We book the assessor, prepare the evidence, and walk your estate through the audit. Because your scanning and patching are continuous, CE+ is a formality, not a scramble.
Enterprise EDR layer (+£12/device/month) for behaviour-based threat detection, ransomware rollback, and 24/7 containment. CE+ doesn't require it — but it's the right answer if your threat model is real.
Scan. Patch. Certify. All in one subscription. Cancel anytime. Renewals included. No surprise invoices at recertification time.
Under Danzell v3.3, fail the second sample on a CE Plus assessment and IASME revokes your CE Basic certificate as well. You pay for both certifications again from scratch — plus the cost of fixing the underlying vulnerabilities under emergency conditions.
| Org size | CE Basic re-cert | CE Plus re-cert | Total cert loss |
|---|---|---|---|
| Micro | £320 | £1,200 | £1,520 |
| Small | £440 | £1,350 | £1,790 |
| Medium | £500 | £1,700 | £2,200 |
| Large | £600 | £2,100 | £2,700 |
Plus the cost of fixing the underlying vulnerabilities under emergency conditions. The cost of failing CE+ once typically exceeds 12 months of CE+ Assured combined.