CE+ Pre-Assessment

Question 1

Why pay for a pre-assessment when CE+ itself is a test?

Answer

Because under Danzell v3.3 (effective 27 April 2026), failing CE+ means you ALSO lose your existing CE Basic certificate and have to pay for both from scratch. The cost of one failed CE+ attempt (£1,520–£2,700+) is 3–6× the cost of a pre-assessment. Pre-assessing is insurance against a re-cert you can't afford.

Question 2

What's the difference between a pre-assessment and CE+ Assured?

Answer

A pre-assessment is a one-off scan — you pay once, we report, you fix. CE+ Assured is a monthly subscription where we scan, patch, and certify continuously. If you want a single point-in-time check before booking CE+, pick the pre-assessment. If you want ongoing coverage so CE+ is a formality every year, pick CE+ Assured. Many clients start with a pre-assessment and graduate to CE+ Assured for ongoing renewals.

Question 3

How long does a pre-assessment take end-to-end?

Answer

Typically 3–5 working days from agent deployment to report delivery, depending on device count and IT team availability. We can fast-track if you're time-critical before a scheduled CE+ assessment — contact us for options.

Question 4

What happens if your pre-assessment finds problems we can't fix in time?

Answer

We'll tell you honestly — and recommend delaying the formal CE+ booking until you're ready. IASME charges £0 to reschedule with enough notice, but £1,200–£2,100+ to pay for a failed assessment. Waiting a month to prepare properly is nearly always cheaper than failing.

Question 5

Do you use the same tools as the CE+ assessor?

Answer

We use Cyber Essentials authorised vulnerability scanners approved by NCSC. Because all approved scanners work from the same CVE and CVSS data, findings are consistent regardless of which specific scanner is used. The key requirement is that the scanner performs credentialed scans and produces CVE-level output with CVSS v3 scores.

Question 6

Is the pre-assessment price per device or flat?

Answer

Flat per tier, based on device count band (Micro/Small/Medium/Large). If your estate is larger than the Large tier's threshold or unusually complex (multiple sites, cloud-native, etc.), it's POA and we'll quote after a scoping call.

Question 7

Why pay for a pre-assessment when CE+ itself is a test?

Answer

Because under Danzell v3.3 (effective 27 April 2026), failing CE+ means you ALSO lose your existing CE Basic certificate and have to pay for both from scratch. The cost of one failed CE+ attempt (£1,520–£2,700+) is 3–6× the cost of a pre-assessment. Pre-assessing is insurance against a re-cert you can't afford.

Question 8

What's the difference between a pre-assessment and CE+ Assured?

Answer

A pre-assessment is a one-off scan — you pay once, we report, you fix. CE+ Assured is a monthly subscription where we scan, patch, and certify continuously. If you want a single point-in-time check before booking CE+, pick the pre-assessment. If you want ongoing coverage so CE+ is a formality every year, pick CE+ Assured. Many clients start with a pre-assessment and graduate to CE+ Assured for ongoing renewals.

Question 9

How long does a pre-assessment take end-to-end?

Answer

Typically 3–5 working days from agent deployment to report delivery, depending on device count and IT team availability. We can fast-track if you're time-critical before a scheduled CE+ assessment — contact us for options.

Question 10

What happens if your pre-assessment finds problems we can't fix in time?

Answer

We'll tell you honestly — and recommend delaying the formal CE+ booking until you're ready. IASME charges £0 to reschedule with enough notice, but £1,200–£2,100+ to pay for a failed assessment. Waiting a month to prepare properly is nearly always cheaper than failing.

Question 11

Do you use the same tools as the CE+ assessor?

Answer

We use Cyber Essentials authorised vulnerability scanners approved by NCSC. Because all approved scanners work from the same CVE and CVSS data, findings are consistent regardless of which specific scanner is used. The key requirement is that the scanner performs credentialed scans and produces CVE-level output with CVSS v3 scores.

Question 12

Is the pre-assessment price per device or flat?

Answer

Flat per tier, based on device count band (Micro/Small/Medium/Large). If your estate is larger than the Large tier's threshold or unusually complex (multiple sites, cloud-native, etc.), it's POA and we'll quote after a scoping call.

CE+ Pre-Assessment

Why Pre-Assess?

What happens if CE+ fails without preparation

What a pre-assessment gives you

Fixed Per-Tier Pricing

Micro

Small

Medium

Large

What's Included

Full credentialed vulnerability scan

Device sampling that matches the real assessment

Prioritised remediation plan with CVSS scores

Remediation guidance call

Re-scan option after remediation

No surprises on the day

Want CE+ to be a formality every year, not just this one?

Frequently Asked Questions

Ready to Pre-Assess?

CE+ Pre-Assessment

Why Pre-Assess?

What happens if CE+ fails without preparation

What a pre-assessment gives you

Fixed Per-Tier Pricing

Micro

Small

Medium

Large

What's Included

Full credentialed vulnerability scan

Device sampling that matches the real assessment

Prioritised remediation plan with CVSS scores

Remediation guidance call

Re-scan option after remediation

No surprises on the day

Want CE+ to be a formality every year, not just this one?

Frequently Asked Questions

Ready to Pre-Assess?