Cyber Essentials has extended the certification grace period to April 2023, to coincide with the next technical requirements refresh. In January 2022, the National Cyber Security Centre (NCSC) announced an update of the Cyber Essentials technical controls.
At the time, organisations who were looking to be assessed against the new standards were given a grace period of up to 12 months for some of the requirements. This grace period was due to end in January.
The decision has now been made to extend the grace period for a further three months until April 2023. The new deadline will coincide with the next, light touch, update to Cyber Essentials’ technical requirements.