Mapping to other Standards

Mapping the IASME Governance Standard against other Standards

The IASME Governance standard maps closely to a number of widely recognised cyber security and assurance standards and guides. This means it can be used to demonstrate compliance with many of these standards.

The IASME team has mapped the standard and assessment question set to the standards listed below. The mapping comparisons are free for you to download. Although we have discussed the mapping with a number of experts in the field, it can always be improved upon and we would welcome your feedback. Please do contact us with any comments or suggestions on these mappings.

10 Steps to Cyber Security

The 10 Steps Guidance was designed for organisations looking to protect themselves in cyberspace. The 10 Steps to Cyber Security was originally published in 2012 and is now used by a majority of the FTSE350.

Results summary: IASME Governance aligns directly with 10 Steps to Cyber Security on all topics.

Download the mapping between IASME Governance and the 10 Steps Guidance here

NIS Directive - Cyber Assessment Framework (CAF)

One of the key objectives of the NIS Directive is to ensure that Operators of Essential Services (OES) take appropriate and proportionate technical and organisational measures to manage the risks to the security of network and information systems which support the delivery of essential services. The Cyber Assessment Framework (CAF) is intended to assist in achieving effective security assessments.

Results summary: IASME Governance aligns with all CAF requirements at either Achieved or Partially Achieved level.

Download the mapping between IASME Governance and the CAF here

NHS Digital Data Security and Protection Toolkit

The NHS Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

Results summary: For the majority of topics, the IASME Governance standard meets or exceeds the requirements of the NHS Digital Data Security Standards. In some areas, the NHS standards reference an action, process or tool that is specific to the NHS and does not map directly to the IASME Governance standard.

Download the mapping between IASME Governance and the NHS Digital Data Security and Protection Toolkit here