Three tiers, one standard.
Each tier represents a different depth of assurance - and sends a different signal to your clients.
Archvault Assessed
A structured, assessor-led evaluation against the full Archvault Standard, producing a scored report and a prioritised remediation roadmap.
What you receive
- Assessment report
- Control-by-control scoring
- Remediation roadmap
- Assessed status
"We know exactly where we stand, and we have a plan." Often sufficient to keep a client's due-diligence process moving while you work toward full certification.
Archvault Certified
Every control in the Standard evidenced and independently verified. Certified organisations receive the Archvault mark and a 12-month listing on the public register.
What you receive
- Verified certification
- Register entry
- The Archvault Certified mark for your website and proposals
- An evidence pack for client due diligence
- Cyber Essentials (Basic) certification included
"An independent body has verified our security controls - here's the register entry to prove it."
Archvault Certified+
Certification maintained all year, not renewed once a year: monthly control attestation and verification, patching and monitoring evidence, quarterly phishing resilience testing, and an evidence pack refreshed every month - ready to send to any client or insurer on demand.
What you receive
- Everything in Archvault Certified
- Monthly control attestation and verification
- Quarterly phishing resilience testing
- Evidence pack refreshed monthly
- Annual recertification and Cyber Essentials (Basic) included
"We are demonstrably secure now - not just on the day we were audited." The strongest assurance available under the scheme, and a visible differentiator when bidding.
Compare the tiers
| Included | Assessed | Certified | Certified+ |
|---|---|---|---|
| Independent assessment | ✓ | ✓ | ✓ |
| Verified controls | - | ✓ | ✓ |
| Public register listing | - | ✓ | ✓ |
| Certification mark | - | ✓ | ✓ |
| Evidence pack | - | ✓ | ✓ |
| Monthly verification | - | - | ✓ |
| Quarterly phishing testing | - | - | ✓ |
| Cyber Essentials (Basic) included | - | ✓ | ✓ |