What are the differences between an ACE practitioner and a Certification Body?

2nd May 2019

We’ve certified many businesses now to Cyber Essentials, as one of the only certification bodies in the Sussex area, certified to accredit your business to the government standard.  

Recently we’ve had a few prospects ask us how we, as a Certification Body, differ to an ‘ACE Practitioner’ and what does it mean. So we thought we’d write this article to help you know the differences between them.  

What is a Certification Body? 

Let’s start at the top, the National Cyber Security Centre (NCSC) have appointed 5 Certification Authorities (something they are currently reviewing) and all of them report directly in to the NCSC.  

We have been a certification body for IASME since 2017 (the certification authority). All the IASME Certification Bodies are trained and licensed to certify against both the Government’s Cyber Essentials Scheme and the IASME governance standard. 

At Southern IT, we are Cyber Essentials PLUS and IASME Governance GOLD standard certified ourselves. Certification requirements to this level consist of 5 days GCHQ certified training, including training on GDPR and how it relates to the standards. 

What is an ACE Practitioner? 

This is a oneday certification that a company called QG Management Standards (themselves a Certification Authority) award individuals who have been trained in the fundamental requirements of the Cyber Essentials Scheme and can assist businesses with implementing the controls and it acts as a level of assurance for Certification Bodies. 

So, what’s the difference and does it matter? 

The main difference is that an ACE Practitioner can’t certify your company to the Cyber Essentials Standard, they can just prepare you. They do of course have certification bodies that they work with, but there may be additional time and costs involved in the certification process, plus, depending how many certifications they carry out, their level of knowledge may vary.  

If you want some friendly advice on cyber essentials, feel free to give us a call. 


Useful links 

IASME Certification Bodies https://www.iasme.co.uk/certification-bodies/ 

QG Management Accredited Practitioners https://www.qgstandards.co.uk/accredited-practitioners/