Become an Assessor

Become an Assessor

We licence the delivery of Cyber Essentials (basic and PLUS) assessments and IASME governance assessments (including GDPR readiness) to a number of highly professional companies. These companies are known as Certification Bodies. Each assessor within those Certification Bodies must go through training and pass the relevant assessments and exams.

IASME Assessor Course

To become an Assessor you will first need to complete the 2 day IASME Assessor course. This course includes the GCHQ Certified Training one day course Assessing GDPR as part of IASME. As part of this course, and included in the cost, your company will complete the Cyber Essentials and IASME governance, including GDPR readiness, verified self assessment and have an on-site audit against the IASME Governance standard.

After passing this course and assessment exercise and with the necessary certification passes, you will be qualified to assess against Cyber Essentials (basic) and the IASME Governance standard, including the GDPR readiness assessment.

To become an Assessor for you will first need to complete this two-day training and follow-up activities.  We require you to have at least 3 years’ experience and one of the following qualifications:

  • CISM
  • CLAS
  • ISO27001 Lead Auditor
  • CASP+

Technical Cyber Auditing Course

If you want to assess against Cyber Essentials PLUS, and you do not hold a recognised technical auditing qualification,you will need to attend and pass an additional two day GCHQ Certified Training Technical Cyber Auditing Course. This will teach and then examine you on the Technical Auditing required.

All Assessors must also attend the one-day Cyber Essentials PLUS Procedures course.

You will also need to attain Cyber Essentials PLUS certification for your company. We encourage the attendees on the course who pass to pair up and assess each other against Cyber Essentials PLUS once they have become Certification Bodies.


Once the Assessor has successfully completed the training, gained the relevant certification and passed the exams / assessments the company they work for can become a Certification Body. All Certification Bodies need to sign and return the associated contract.

An indication of all the costs can be seen here - please note that this is an indication only and all prices can vary. We run IASME courses every month in Malvern and the Cyber Essentials PLUS Assessor courses every other month in London. These are popular so please book ahead.

If your company is interested in becoming a Certification Body please contact us. Your professionalism, expertise and attitude is more important to us than size and we are happy to licence to companies of all sizes.