Cyber Essentials is a UK government-backed scheme — created by the National Cyber Security Centre (NCSC) and delivered by IASME — that helps organisations of all sizes guard against the most common internet-based cyber attacks. Certification shows customers, suppliers and stakeholders that an organisation takes security seriously and has the right foundations in place to protect its systems and data.
We're proud to confirm that Plan-IT Consulting is certified to the Cyber Essentials scheme — and that we recertified in June 2026 against the very latest IASME requirements, maintaining the standard we first achieved back in 2023.
Unlike many businesses that pay a consultant to manage the process, our certification was completed in-house by Plan-IT's own team. We assessed our systems, implemented the controls and worked directly through the assessment ourselves — the same hands-on expertise we use to certify our clients.
The five technical controls
Cyber Essentials is built around five technical controls that, when properly implemented, stop the overwhelming majority of common cyber attacks:
- Firewalls — securing the boundary between your networks and the internet.
- Secure configuration — removing default settings and unnecessary functionality from devices and software.
- Security update management — keeping operating systems and applications patched and supported.
- User access control — giving people only the access they need, with strong authentication.
- Malware protection — defending devices against viruses and other malicious software.
Certified against the latest 2026 requirements
Our assessment was carried out under the current "Danzell" question set (Requirements for IT Infrastructure v3.3) — the most up-to-date version of the scheme. The 2026 updates raise the bar on modern security practice, including:
- Mandatory multi-factor authentication (MFA) on cloud services — where MFA is available and not enabled, it's now an automatic fail.
- A minimum password length of 12 characters, with greater emphasis on passwordless sign-in and passkeys.
- Refreshed guidance on cloud services, backups and application development, plus updated scoping rules.
Meeting these requirements demonstrates that Plan-IT's own defences are aligned with current best practice — not a certificate earned years ago against an older standard.
Our certificate
- Organisation
- Plan-IT Consulting Limited
- Certificate number
- 2301bf1e-4006-4c57-8608-2dd903aa4941
- Date of certification
- 9 June 2026
- Recertification due
- 9 June 2027
- Profile version
- 3.3 (Danzell)
- Scope
- Whole organisation
- Certification body
- Cyber Trust (an IASME Cyber Essentials partner)
- Assessor
- James Pitron
Cyber Essentials for your business
Because we go through the process ourselves, Plan-IT can guide your business through Cyber Essentials from start to finish — assessing your systems, closing any gaps and getting you certified. See our article on Cyber Essentials for more on what the scheme involves and the benefits it brings, or explore our Cyber Security services.