FAQ's
Practical clarification on scope, timelines, evidence requirements, and how our certification and assurance process works.
Frequently Asked Questions
Are you an accredited Cyber Essentials Certification Body?
Yes. Q-Assure operates as a licensed IASME Certification Body under the UK Cyber Essentials scheme.
Do you guarantee a pass?
No. We provide structured readiness guidance and independent assessment in accordance with scheme rules. We do not guarantee certification outcomes.
What is the difference between CE and CE+?
Cyber Essentials is evidence-based certification. Cyber Essentials Plus includes independent technical verification and vulnerability testing.
Do you provide ISO 27001 certification?
No. We provide readiness, advisory and internal audit support. Certification is issued by accredited certification bodies.
Can you deliver services in restricted environments?
Yes. Where required, engagements can be delivered by security-cleared personnel.
Do you conduct penetration testing?
Accredited penetration testing is delivered by CREST and/or CHECK accredited partners. We manage scope and remediation oversight.
How long does Cyber Essentials take?
Most organisations complete Cyber Essentials within 2–4 weeks, depending on readiness and scope complexity.
Do you work with SMEs?
Yes. We primarily support SMEs supplying public sector or regulated markets.