IASME is extremely honoured to have been chosen by the National Cyber Security Centre (NCSC) to be their sole Cyber Essentials Scheme Partner from April 2020. See more about this announcement here.
IASME assesses and certifies organisations against two standards at both the self assessment and audited levels.
- The IASME Governance Standard
- The Cyber Essentials Scheme
The self assessment cost includes automatic cyber liability insurance for any UK domiciled organisation with less than £20m annual turnover, terms apply.
Cyber Essentials Scheme
IASME is currently one of five companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. From April 2020, IASME will be the sole Cyber Essentials Partner for the delivery of Cyber Essentials.
The Cyber Essentials Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years,
IASME Governance Standard
The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME Governance standard was recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups. The IASME Governance self assessment includes the Cyber Essentials assessment within it as well as an assessment against the requirements of the GDPR. It maps exactly against the government's 10 Steps to Cyber Security.
The audited IASME Governance certification is seen as a realistic alternative to ISO27001 by an increasing number of companies. Find out more and download the standard for free here.
General Data Protection Regulation (GDPR)
The European Data Protection Regulation (GDPR) was adopted by all EU member states in April 2016. This allowed businesses 2 years to prepare for enforcement of the Regulation in May 2018.
Under GDPR, all businesses that wish to provide goods and services to EU residents are required to conform to the requirements it lays down. All businesses are deemed in scope unless they prove otherwise. Undertaking Cyber Essentials and IASME Governance, the latter of which includes GDPR requirements, is a good way to visibly show your customers that you have put things in place to meet the Regulation.
Article 5, Principle 6 of the GDPR requires organisations to use ‘appropriate technical or organisational measures’ to ensure ‘appropriate security of the personal data’. You can see how IASME’s certifications support GDPR requirements here.
Further information and guidance on GDPR is available via the website of the Information Commissioner’s Office.
Certification against both IASME Governance and the Cyber Essentials will indicate a good level of all-round information security.
IASME has a project to develop and launch a simple, affordable internet protection monitoring service for vulnerable individuals in the community, such as the elderly, people with a learning disability and those who have already been a victim of crime. This service will also be available for small and micro organisations. Click here to find out more.
IASME has employed 14, previously unemployed, neuro-diverse individuals to staff this project and is keen to advise other organisations who want to employ people who need a bit of extra support.