How Much Does Cyber Essentials Cost in 2026?

IASME fee bands 2026

These fees are set by IASME and based on their published pricing guidance. Always confirm the current fee at iasme.co.uk before purchasing, as fees are reviewed annually.

What is included

The Cyber Essentials certification fee covers the following:

• Assessment platform access — six months to complete your self-assessment questionnaire
• Assessor review — a qualified assessor reviews your submission, typically within 3 working days
• Resubmission opportunity — if your initial submission does not pass, you are given the opportunity to correct and resubmit
• Digital certificate — valid for 12 months from the date of certification
• Public listing — your organisation is listed on the NCSC Cyber Essentials directory
• Cyber Essentials badge — for use on your website, proposals, and marketing materials
• Cyber liability insurance — automatic cover up to £25,000 with 24/7 incident response support for organisations with annual turnover under £20 million

What is not included

The certification fee does not cover the cost of preparing your organisation for the assessment. Preparation involves reviewing your IT infrastructure, enabling MFA on all cloud services, patching devices, and ensuring all controls are in place before you begin the self-assessment.

CrownSync CE Readiness helps you prepare for free. The platform walks your team through every Danzell v3.3 question, flags automatic-fail risks, and generates a certifier-ready submission pack — at no cost during our launch period.

Cyber Essentials Plus (CE+) is a separate, higher-level certification that includes hands-on technical verification by an assessor. CE+ is priced separately and typically costs significantly more than the standard Cyber Essentials assessment.

Cyber liability insurance

Per IASME guidance, organisations with annual turnover under £20 million automatically receive cyber liability insurance as part of their Cyber Essentials certification. This insurance includes 24/7 incident response support and coverage up to £25,000.

The insurance is included at no additional cost and is valid for the duration of your certification (12 months). It provides a safety net for small and medium organisations that may not have standalone cyber insurance in place.

Renewing your certification

Cyber Essentials certification is valid for 12 months from the date it is awarded. To maintain your certification and your listing on the NCSC directory, you must renew before the expiry date.

Renewal fees match the initial certification fees based on your organisation's size. At renewal, you will be assessed against the question set that is current at that time — if a new version has been released since your last certification, the renewal assessment will use the updated questions.

Plan to start your renewal preparation at least four to six weeks before your certificate expires to allow time for any remediation that may be needed.

Related guides