The Cyber Scheme has been licensed as an Assessment Provider by IASME, who are operating the scheme on behalf of the NCSC.
Over the next few weeks we will be providing more information about the scheme for both small business owners looking to procure the service, and candidates wishing to gain the accreditation. Here we start with a brief outline of how this scheme has come about.
What is Cyber Advisor?
The new Cyber Advisor (Cyber Essentials) service has been developed to provide small and medium sized organisations with reliable and cost-effective cyber security advice and practical support.
The focus of that advice and support will be on the implementation of the technical controls set out in Cyber Essentials. This approach will improve the cyber security of small organisations and reduce the likelihood of the most commonly experienced cyber attacks.
Under the new scheme those organisations who have a qualified Cyber Advisor on their staff will be able to apply to become an NCSC Assured Service Provider. Only organisations which become Assured Service Providers and employ a qualified Cyber Advisor will be able to offer NCSC assured Cyber Advisor services to customers.
How does it work?
The Cyber Advisor scheme gives buyers the confidence that their chosen service provider is offering cyber security advice to an NCSC approved standard. All Cyber Advisors must work for a company which has met the NCSC’s standards and been accepted as an Assured Service Provider.
Who is it for?
The Cyber Advisor scheme is for small and medium sized organisations across the UK aiming to improve their basic cyber security and avoid the disruption caused by some of the most common cyber attacks.
What is the assessment process?
NCSC accredited Cyber Advisors will have to pass the independent assessment outlined here. This measures their:
- knowledge and understanding of the Cyber Essentials’ technical controls
- competence in providing practical, hands-on support
- ability to understand and work with small and medium sized organisations.
The assessment process is made up of three elements: multiple choice test; questions requiring short form written answers and a face-to-face discussion with an assessor.
The assessment tests the candidates’ knowledge of the Cyber Essentials Standard and the practical skills required to implement any recommendations made to organisations who wish to meet the Standard.
To become a Cyber Advisor (Cyber Essentials), a candidate will need to pass this assessment, at which point they will be issued with a Certificate of Competence in Cyber Essentials Implementation. They will then need to provide IASME with that evidence here. They will then be required to sit an online induction training course with IASME, which will take them through the essential elements of the scheme and be followed by a simple test of understanding.
Once a candidate has successfully passed the Cyber Advisor (Cyber Essentials) exam, the company they work for can become an NCSC Assured Service Provider. Please note, all Cyber Advisors (Cyber Essentials) must be based in the UK or Crown Dependencies.
For more information on the Cyber Advisor scheme, or to view a full list of assured Cyber Advisor providers please visit IASME’s webpage. Read NCSC’s announcement of the new scheme here.