IASME assesses and certifies organisations against two standards at both the self assessment and audited levels.
- The IASME Governance Standard
- The Cyber Essentials Scheme
The self assessment cost includes automatic cyber liability insurance for any UK domiciled organisation with less than £20m annual turnover, terms apply.
Cyber Essentials Scheme
IASME is one of just five companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. The Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years.
IASME Governance Standard
The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME standard was recently recognised as the best cyber security standard for small companies by the UK Government, in consultation with trade associations and industry groups. The IASME Governance self assessment includes the Cyber Essentials assessment within it, as well as an assessment against the requirements of the GDPR.
The audited IASME certification is seen as a realistic alternative to ISO27001 by an increasing number of companies. Find out more and download the standard for free here.
General Data Protection Regulation (GDPR)
The European Data Protection Regulation (GDPR) was adopted by all EU member states in April 2016. This allowed businesses 2 years to prepare for enforcement of the Regulation in May 2018.
Under GDPR, all businesses that wish to provide goods and services to EU residents are required to conform to the requirements it lays down. All businesses are deemed in scope unless they prove otherwise. Undertaking Cyber Essentials and IASME Governance, the latter of which includes GDPR requirements, is a good way to visibly show your customers that you have put things in place to meet the Regulation.
Article 5, Principle 6 of the GDPR requires organisations to use ‘appropriate technical or organisational measures’ to ensure ‘appropriate security of the personal data’. You can see how IASME’s certifications support GDPR requirements here.
Further information and guidance on GDPR is available via the website of the Information Commissioner’s Office.
Certification against both IASME and the Cyber Essentials will indicate a good level of all-round information security.