Cyber Essentials readiness and gap review
An honest look at where your systems stand against the five Cyber Essentials controls, so you start knowing exactly what needs to change.
Dead Simple Computing is an NCSC Assured Service Provider under the National Cyber Security Centre's Cyber Advisor scheme. Through an independent assessment run by IASME, NCSC's delivery partner for the scheme, we are assured for our competence to give practical, hands-on advice and support on implementing the Cyber Essentials technical controls, for small and medium organisations. If a tender, a regulator, or your own supplier due diligence asks whether your Cyber Essentials support comes from an independently assured advisor, we can answer yes.
The Cyber Advisor scheme exists so small and medium organisations can find hands-on help with the Cyber Essentials technical controls from someone whose competence has actually been checked, rather than relying on a supplier's own marketing. Assessment is run independently by IASME, NCSC's delivery partner for the scheme. A qualified Cyber Advisor has passed an assessment of their knowledge of the Cyber Essentials controls, their ability to give practical implementation support, and their ability to work with smaller organisations. Being an Assured Service Provider means we employ a qualified Cyber Advisor and meet the scheme's requirements as a firm.
Cyber Advisor is a practical scheme, and its assessment is run independently by IASME on NCSC's behalf. There are two parts: the individual qualifies, and then the firm becomes an Assured Service Provider.
An individual becomes a qualified Cyber Advisor by passing an IASME-run assessment of their knowledge of the Cyber Essentials technical controls, their competence in giving practical, hands-on implementation support, and their ability to work with small and medium organisations.
On passing, the advisor receives a Certificate of Competence in Cyber Essentials Implementation, confirming they meet the scheme's standard.
An organisation becomes an NCSC Assured Service Provider by employing at least one qualified Cyber Advisor, holding Cyber Essentials certification, and running a quality management system. We meet these through our Cyber Essentials certification body status and our UKAS-accredited ISO 9001 quality management system.
Assured status is upheld by continuing to meet the scheme's requirements, not granted once and then forgotten.
This is the part that matters commercially. NCSC assurance is not a marketing badge, it is a way to answer supplier due diligence with something more than a claim. If you are choosing help to get your Cyber Essentials controls in place, whether for a tender, a supply-chain requirement, or simply to close a real risk, assurance gives you an independently checked answer rather than ours.
The Cyber Advisor assurance is specific: it covers practical help implementing the Cyber Essentials technical controls for small and medium organisations. It sits neatly on top of our Cyber Essentials certification body status, because the people advising you on the controls are the people appointed to assess them against the standard. Our UKAS-accredited ISO 9001 quality management system, one of the scheme's requirements for an Assured Service Provider, sits behind it, and our CISSP and MCIIS-qualified founder leads the security work.
That is deliberately a narrower claim than "we do all your cyber security". Our broader services, ISO 27001 consultancy, wider risk management, governance and audit, and incident response, are separate offerings backed by our other credentials, not covered by this Cyber Advisor assurance. We keep the two clearly apart, and we will tell you plainly which one your requirement actually needs.
Our Cyber Advisor assurance covers hands-on help getting the Cyber Essentials technical controls in place. Here is what that looks like in practice.
An honest look at where your systems stand against the five Cyber Essentials controls, so you start knowing exactly what needs to change.
Practical, hands-on support putting the technical controls in place, firewalls, secure configuration, access control, malware protection, and update management, done with you rather than handed over as a checklist.
We take you cleanly through to Cyber Essentials certification, and because we are a certification body, we know exactly what the assessment expects.
Practical security advice pitched at a small or medium organisation, focused on the controls that close real risk, without the jargon or the enterprise price tag.
It is an organisation assured under one of the NCSC's assurance schemes. Dead Simple Computing is assured under the Cyber Advisor scheme, which covers practical, hands-on advice and support on implementing the Cyber Essentials technical controls for small and medium organisations. An organisation earns this by employing at least one qualified Cyber Advisor, holding Cyber Essentials certification, and running a quality management system, all assessed independently by IASME, NCSC's delivery partner.
It is an NCSC scheme, delivered by IASME, that assures advisors to give small and medium organisations trustworthy, hands-on help implementing the Cyber Essentials technical controls. An individual becomes a qualified Cyber Advisor by passing an IASME assessment of their knowledge of the controls, their practical implementation competence, and their ability to work with smaller organisations, and receives a Certificate of Competence in Cyber Essentials Implementation.
They check different things. The Cyber Advisor assurance confirms the competence of the person advising you on implementing the Cyber Essentials controls. Cyber Essentials certification confirms the controls are actually in place in an IT estate, and we are a certification body for it. ISO 27001, where we are UKAS accredited, certifies that we run a documented information security management system. Holding all three means the advice, the baseline technical standard, and our own management system are each independently checked.
The Cyber Advisor assurance is specifically about Cyber Essentials implementation support for small and medium organisations, and many tenders and supply-chain requirements ask exactly for that, so it is a direct, verifiable answer where Cyber Essentials is the requirement. It is not a general government-consultancy credential. Large, complex, or nationally significant work, including GovAssure engagements, sits under a separate, higher-tier scheme, the Assured Cyber Security Consultancy scheme, which is distinct from Cyber Advisor. If you are unsure which your contract needs, we will tell you plainly.
Ask us and we will confirm it directly, or check IASME's directory of assured providers, which lists organisations assured under the Cyber Advisor scheme. We would rather you verify it independently than take our word for it, that is the point of the scheme.
Tell us what you are trying to satisfy, a tender, a supply-chain requirement, or simply getting the basics right, and we will set out plainly what our NCSC Cyber Advisor assurance covers and how our Cyber Essentials, ISO 27001, and ISO 9001 credentials fit around it. We reply within one working day, and you will speak to an engineer, not a salesperson.
Hello, I am Ainsley, the assistant here at Dead Simple Computing, and a governed AI assistant we built ourselves. Ask me anything about managed IT, cyber security, software and AI, or governance and audit. I can also put you in touch with a person.
Ainsley is an assistant and can be wrong. For anything that matters you will speak to an engineer.