IASME is one of the five Cyber Essentials accreditation bodies appointed by the UK Government. Together with our Certification Body companies, we can certify you to the Cyber Essentials scheme required for many government tenders.  

IASME assesses and certifies organisations against two standards at both the self assessment and audited levels.

  • The IASME Governance Standard
  • The Cyber Essentials Scheme

The self assessment cost includes includes automatic cyber liability insurance for any UK domiciled organisation with less than £20m annual turnover, terms apply.

IASME Governance Standard

The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME standard was recently recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups. The audited IASME certification is also seen as showing compliance to ISO27001 by an increasing number of companies, including HP.  Find out more about this standard here.

Cyber Essentials Scheme

IASME is one of just five companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. The Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years. Find out more here.

General Data Protection Regulations (GDPR)

The European Data Protection Regulation (GDPR) was adopted by all EU member states in April 2016.  This allowed businesses 2 years to prepare for enforcement of the Regulation in May 2018.

Under GDPR, all businesses that wish to provide goods and services to EU residents are required to conform to the requirements it lays down.  All businesses are deemed in scope unless they prove otherwise.  Undertaking Cyber Essentials and IASME Governance, the latter of which includes GDPR requirements, is a good way to visibly show your customers that you have put things in place to meet the Regulation.

Article 5, Principle 6 of the GDPR requires organisations to use ‘appropriate technical or organisational measures’ to ensure ‘appropriate security of the personal data’.  You can see how IASME’s certifications support GDPR requirements here.

Further information and guidance on GDPR is available via the website of the Information Commissioner’s Office.

Certification against both IASME governance and the Cyber Essentials will indicate a good level of all-round information security.

Keep up to date with changes to the assessment questions and other news

See privacy policy here.