Which Cyber Essentials Bodies Actually Offer Same-Day Certification?
Many certification bodies mention same-day turnaround, but few commit to it. We look at what the major UK bodies actually promise and whether they deliver.
Section 01
Which Cyber Essentials Bodies Actually Offer Same-Day Certification?
Same-day Cyber Essentials certification is possible only at a handful of IASME-licensed bodies with explicit SLAs. Fig Group guarantees certification within 6 working hours of a clean Micro-tier submission - effectively same-day for submissions before midday. Most UK certification bodies take 5-15 working days instead.
When you need Cyber Essentials certification quickly, the natural first step is to search for a body that can deliver the same day. Several certification bodies reference same-day turnaround in their marketing, but there is a considerable difference between "we aim to" and "we guarantee it."
This article examines what the major UK certification bodies actually commit to and whether same-day certification is a realistic expectation.
Section 02
Why same-day matters
Cyber Essentials certification is frequently needed against a deadline. Common scenarios include:
- A tender response that requires proof of certification by a specific date
- A client contract that makes Cyber Essentials a condition of engagement
- An insurance renewal that asks for evidence of security controls
- A government procurement process under PPN 014/21
In each case, waiting three to five working days for a certificate can mean missing the deadline entirely. Even 48 hours can be too long if the requirement surfaces late in the process.
Section 03
What the certification bodies say
Fig Compliance
The only IASME-licensed body we have found that publishes a specific same-day time commitment. For orders placed before midday, Fig guarantees certification within 6 hours of submission for compliant applications. Three rounds of structured feedback are included. Published as a guarantee on every product page, not a target or best-case scenario.
- Commitment: Guaranteed within 6 hours for compliant submissions
- Condition: Order placed before midday
- Additional cost for speed: None
CyberSmart
Advertises certification "within as little as 24 hours." Automated platform handles much of the compliance checking, reducing the manual assessment bottleneck. 24 hours is the best case rather than a guarantee, and subscription-based pricing (from £999 + VAT/year) is a different model to one-off certification.
- Commitment: Within 24 hours (best case)
- Condition: Subscription active
- Additional cost for speed: Included in subscription
Bulletproof
Publishes a 48-hour marking target from submission, excluding weekends and bank holidays. Clear and honest commitment. A submission received Monday morning could see a certificate by Wednesday; submissions received Thursday may not be assessed until the following Monday.
- Commitment: 48 hours (excluding weekends)
- Condition: None stated
- Additional cost for speed: None
Pentest People
Publishes a 3-working-day marking time for Cyber Essentials submissions. No suggestion of a same-day option. Focus is on integration of CE with their broader penetration testing services.
- Commitment: 3 working days
- Condition: None stated
- Additional cost for speed: N/A
Other bodies
Several other certification bodies - including LRQA, IT Governance, and QMS International - do not publish specific turnaround commitments on their websites. Prospective clients are directed to contact sales teams for details. The absence of a published commitment makes it difficult to evaluate same-day capability.
Section 04
The difference between "aim to" and "guarantee"
This distinction matters. A certification body that aims to assess within 48 hours will usually meet that target during quiet periods. During busy periods, particularly around financial year-ends, government procurement deadlines, or the annual renewal cycle, assessment queues lengthen and turnaround times stretch.
A guarantee is different. It is a published commitment that the body organises its capacity around. Fig Compliance is the only body we have identified that structures its entire operation around a specific, published turnaround time.
Section 05
What to ask before you buy
If same-day certification is important to you, ask these five questions before committing:
Published turnaround time
What is the body's published turnaround time? If it is not on the website, ask for it in writing.
Target or guarantee
Is the turnaround time a target or a guarantee? There is a meaningful difference between "we aim to" and "we commit to."
Handling of corrections
What happens if your submission needs corrections? Does feedback add another day to the queue, or is it reviewed immediately?
Premium fee for speed
Is there an additional fee for faster service? Some bodies offer expedited processing at a premium rather than as standard.
Order cut-off time
What time do you need to order by? Fig Compliance requires orders before midday for its 6-hour guarantee - other bodies may have different cut-offs.
Section 06
Summary
For organisations that genuinely need same-day Cyber Essentials certification, the options are limited. Most bodies operate on multi-day timelines. CyberSmart's 24-hour claim is the second fastest we have found, though it comes with subscription pricing.
Fig Compliance remains the only body that publishes a specific sub-24-hour guarantee and delivers it as a standard service. At £299.99 + VAT for micro organisations, it also happens to be the lowest-priced option available.
About the author
Jay Hopkins
Managing Director, Fig Group
Jay Hopkins is the Managing Director of Fig Group and an IASME-licensed Cyber Essentials assessor. He was previously Head of Technology for a global regulated firm. He works with UK organisations across regulated sectors on baseline compliance, supply-chain assurance, and AI-augmented security tooling.
Next step
Want to see how Fig handles this?
Explore how Fig automates compliance mapping, evidence collection, and framework alignment across 65+ standards.
Request a demoMore from Compliance