Mapping the IASME Governance Standard against other Standards
The IASME Governance standard maps closely to a number of widely recognised cyber security and assurance standards and guides. This means it can be used to demonstrate compliance with many of these standards.
The IASME team has mapped the standard and assessment question set to the standards listed below. The mapping comparisons are free for you to download. Although we have discussed the mapping with a number of experts in the field, it can always be improved upon and we would welcome your feedback. Please do contact us with any comments or suggestions on these mappings.
10 Steps to Cyber Security
The 10 Steps Guidance was designed for organisations looking to protect themselves in cyberspace. The 10 Steps to Cyber Security was originally published in 2012 and is now used by a majority of the FTSE350.
Results summary: IASME Governance aligns directly with 10 Steps to Cyber Security on all topics.
Download the mapping between IASME Governance and the 10 Steps Guidance here
NIS Directive - Cyber Assessment Framework (CAF)
One of the key objectives of the NIS Directive is to ensure that Operators of Essential Services (OES) take appropriate and proportionate technical and organisational measures to manage the risks to the security of network and information systems which support the delivery of essential services. The Cyber Assessment Framework (CAF) is intended to assist in achieving effective security assessments.
Results summary: IASME Governance aligns with all CAF requirements at either Achieved or Partially Achieved level.
Download the mapping between IASME Governance and the CAF here
ISO27001 / ISO27002
This International Standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organisation.
Results summary: IASME Governance maps to the majority of the ISO2700x controls at achieved or partially achieved level.
Download the mapping between IASME Governance and ISO27001 here
NHS Digital Data Security and Protection Toolkit
The NHS Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.
Results summary: For the majority of topics, the IASME Governance standard meets or exceeds the requirements of the NHS Digital Data Security Standards. In some areas, the standard references an action, process or tool that is specific to the NHS, which does not map directly to the IASME Governance standard.
Download the mapping between IASME Governance and the NHS Digital Data Security and Protection Toolkit here