6-hour pass guarantee
For compliant Cyber Essentials self-assessments, the clock starts when the submission lands with us.
Cyber Essentials in London
IASME-licensed certification for London organisations. Cyber Essentials from £299.99 + VAT, Cyber Essentials Plus from £1,499 + VAT, and a 6-hour pass guarantee on compliant self-assessments. The certificate is the national one; the delivery is built around how London actually works.
Direct line for London enquiries: +44 (0) 203 105 2335. Email: enquiries@figgroup.co.uk.
No London surcharge
The same fixed UK-wide pricing applies whether you are in Aberdeen, Aldgate, Fitzrovia, or Canary Wharf.
IASME-licensed
Our licence and public claims register are published for procurement teams who need to verify before purchase.
The certificate is national. The fit can be local.
Cyber Essentials is a UK national scheme run by the National Cyber Security Centre and administered by IASME. Every certificate issued by every Certification Body uses the same Cyber Essentials v3.3 questionnaire and carries identical legal and contractual weight. There is no separate London Cyber Essentials certificate.
Location matters because of delivery fit, not certificate exclusivity. London organisations often share a cluster of operational realities: hot-desking in shared offices, regulated professional-services work, contractual cyber requirements from principals and insurers, senior people using multiple devices, and procurement teams working against a date.
We see this pattern repeatedly across London engagements. The mechanical scheme is the same; the scoping conversation is shorter when the assessor already understands what an SJP partner practice, criminal chambers, recruitment agency, or clinic typically looks like in London.
Why London organisations come to Fig
Three reasons recur in enquiry calls. The first is speed against a deadline. Most London enquiries arrive with a date attached: a tender response, a renewal lapsing soon, an SJP partner practice working towards a mandate window, or an insurer asking for evidence before they issue cover.
The second is fixed UK-wide pricing. We do not charge a London surcharge. Our prices are the same whether you are in Aberdeen or Aldgate, and each Cyber Essentials tier includes three free re-submissions if a control answer needs work.
The third is verifiability. Our licensed status as a Certification Body is on our IASME licence page, and our public trust claims register sets out exactly what we do and do not assert about ourselves.
London pricing
Fixed UK pricing, no London uplift
All Cyber Essentials and Cyber Essentials Plus pricing is fixed-fee, plus VAT, with no per-user fees and no hidden re-submission charges.
Cyber Essentials self-assessment
Includes the IASME-administered questionnaire, assessor review, three free re-submissions, the issued 12-month certificate, and free cyber liability insurance for eligible UK organisations.
| Tier | Headcount | Fee (+ VAT) |
|---|---|---|
| micro | 1-9 | £299.99 |
| small | 10-49 | £399.99 |
| medium | 50-249 | £449.99 |
| large | 250+ | £549.99 |
Cyber Essentials Plus
Includes the underlying Cyber Essentials certification plus a remote technical audit with vulnerability scanning, sampled malware-protection testing, and MFA verification.
| Tier | Headcount | Fee (+ VAT) |
|---|---|---|
| micro | 1-9 | £1,499 |
| small | 10-49 | £1,999 |
| medium | 50-249 | £2,799 |
| large | 250+ | £4,499 |
Full hubs: Cyber Essentials and Cyber Essentials Plus.
Delivery model
Remote-first delivery for hybrid London teams
The vast majority of London engagements run end-to-end over phone, email, and screen-share. Hybrid teams often have laptops scattered across home offices in Greenwich, Wimbledon, St Albans, and beyond; a remote audit reaches the real estate more reliably than a single office visit.
We are physically registered in Fitzrovia. Where a site visit genuinely helps, for example clinical equipment that does not lend itself to remote screen-share, we will discuss it. Treat that as the exception rather than the standard product.
- 1Free readiness check before you commit to a fee.
- 2A 15 to 30 minute scoping call to confirm the organisation boundary.
- 3IASME-hosted Cyber Essentials v3.3 questionnaire completion.
- 4Assessor review, with the 6-hour pass guarantee for compliant submissions.
- 5Certificate issue, 12-month validity, and eligible cyber liability insurance.
- 6Renewal prompt 60 days before expiry so the certificate does not lapse.
London examples
Real London engagements and review-backed proof
These examples use public Google review evidence where a client is named. Chambers work is anonymised because legal clients generally do not want supplier marketing to identify them.
Liberty Towers Ltd
London-based recruitment agency
Tatiana Charkova described the process as extremely efficient: short phone call, submission, pass. Recruitment agencies often need Cyber Essentials for PSL access, framework agreements, and client onboarding.
Artemis Adjusting Ltd
London-based insurance claims adjusting company
Alex Greenacre praised the turnaround, communication, and customer service. Claims adjusting firms typically need Cyber Essentials for panel requirements from upstream insurers and reinsurers.
Clear Ear Clinic Ltd
London clinical practice
Simon Gane noted out-of-hours support and that we came to look at equipment where remote evidence was not enough. Site attendance is an exception, but it is available when it genuinely de-risks the scope.
Mayfair criminal chambers
Anonymised client example
Chambers are a scoping problem because individual barristers are self-employed but share clerks, networks, and case-management systems. The useful work is a careful scope statement before the questionnaire starts.
Review source: Fig Group Google Business Profile review feed, mirrored in the site review dataset.
Related context: criminal chambers, SJP partner practices, and London certification bodies.
London-specific FAQs
Common London buyer questions
Does my London law firm need Cyber Essentials Plus to keep its SJP introducer or panel arrangements?
If you are a St James's Place partner practice, the direction of travel is towards CE Plus as a baseline expectation rather than Cyber Essentials alone. Other panel arrangements vary. Bring the panel wording to the scoping call and we will tell you whether CE or CE Plus satisfies it.
My London office is in a serviced building and we run a hybrid team. What is in scope?
The shared building network is generally out of scope. The controls apply to your devices, accounts, software firewall configuration, cloud services, and the organisational data they access. A serviced-office tenant can usually certify cleanly without cooperation from the building operator.
Do London insurers require Cyber Essentials before issuing professional indemnity for tech firms or consultancies?
Some London-market brokers ask for Cyber Essentials evidence at quote or renewal. We cannot speak for a specific insurer, but when the wording asks for evidence of cyber hygiene or a recognised certification, a Cyber Essentials certificate from any IASME-licensed body is the usual baseline.
How does Cyber Essentials interact with the City of London Police Cyber Griffin programme?
Cyber Griffin is an awareness and incident-support programme. Cyber Essentials is a baseline technical certification. They complement each other: Griffin helps with threat awareness, while Cyber Essentials provides the procurement-ready certificate and the five technical control areas.
Are you available to meet at our Central London office, or is everything remote?
Default delivery is remote. We are based in Fitzrovia and can meet in person where there is a clear reason, such as complex scoping for a chambers, group structure, or clinical estate. Cyber Essentials Plus audits are not sold as standard on-site London visits.
Will your assessor sign our NDA before scoping?
Yes. We routinely sign client-form mutual NDAs at the scoping stage, or we can provide our own short standard form. There is no fee or delay associated with NDA execution.
Are overseas employees in scope, and how does Cyber Essentials v3.3 handle non-UK staff?
Scope follows organisational data and controlled devices, not the employee's physical location. Overseas employees with company laptops are in scope, and BYOD access to organisational data needs a clear scope decision.
What does renewal cost in year two?
The same fixed fee applies unless your headcount has moved you into a different tier. We do not charge separately for the renewal questionnaire, renewal review, or renewal certificate.
Get certified
If you have a deadline, call +44 (0) 203 105 2335. If you are still scoping, the Cyber Essentials hub has the readiness checker and full scheme detail. Procurement teams can verify our trust claims register and IASME licence record before purchase.
The Fig Group Limited is registered in England and Wales, Companies House 16845978, at 167-169 Great Portland Street, 5th Floor, London W1W 5PF.