A simple guide for businesses, trades, and organisations
Cyber security accreditations can feel confusing, especially when you hear terms like Cyber Essentials, Cyber Essentials Plus, and Cyber Assurance. Each one represents a different level of security maturity — and together they form the UK’s most recognised baseline for protecting systems, data, and customers.
Here’s a clear breakdown of what each accreditation means, why they matter, and how they support platforms like My Safe Docs.
Cyber Essentials – The Foundation
Cyber Essentials is the UK Government‑backed scheme designed to help organisations defend against the most common cyber threats.
It focuses on five core controls:
- Secure firewalls
- Strong access controls
- Secure configuration
- Patch management
- Malware protection
What it means: Your organisation has the essential protections in place to stop the majority of everyday cyber attacks.
Who it’s for: Any business that wants a recognised baseline of cyber hygiene — from sole traders to national organisations.
Cyber Essentials Plus – Independent Verification
Cyber Essentials Plus includes everything in Cyber Essentials, but with one major difference:
It is independently audited and tested.
A qualified assessor checks:
- Your systems
- Your devices
- Your defences
- Your real‑world resilience
This includes hands‑on testing, vulnerability scanning, and verification that your controls actually work in practice.
What it means: Your cyber security isn’t just declared — it’s proven.
Why it matters: Insurers, police, and industry bodies place far more trust in CE+ because it demonstrates real‑world security, not just paperwork.
Cyber Assurance – Governance, Risk & Operational Maturity
Cyber Assurance (formerly IASME Governance) goes beyond technical controls.
It assesses:
- Governance
- Risk management
- Policies
- Procedures
- Staff training
- Supply‑chain security
- Incident response
- Business continuity
It is a deeper, broader accreditation that demonstrates organisational maturity, not just technical security.
What it means: Your organisation has structured, documented, and tested processes that meet a recognised national standard.
Who it’s for: Businesses that want to demonstrate trustworthiness to police, insurers, partners, and customers — especially those handling sensitive data or operating at national scale.
Why These Accreditations Matter for My Safe Docs
My Safe Docs is built as a secure evidence platform for Trades, Homes, and Agriculture. These accreditations demonstrate:
- Strong technical security (Cyber Essentials)
- Independently verified protection (Cyber Essentials Plus)
- Mature governance and risk management (Cyber Assurance)
Together, they show that My Safe Docs is not just a platform — it is a trusted, compliant, and police‑ready system designed to protect documents, assets, and evidence at national scale.
Final Thoughts
Cyber Essentials, Cyber Essentials Plus, and Cyber Assurance each play a different role — but together they form a powerful foundation for modern, secure digital services.
For My Safe Docs, these accreditations reinforce our commitment to:
- Security
- Trust
- Compliance
- Evidence integrity
- National‑grade protection
They are part of the reason we are building the Complete Asset Register™ — a secure, evidence‑ready platform for tradespeople, homeowners, and the agricultural sector.