IASME Cyber Baseline is a new cyber hygiene certification scheme for organisations outside the UK. The standard leads the way to offer global supply chains a standardised and respected certification to show that organisations have the basic but critical cyber hygiene measures in place.
IASME Cyber Baseline maps to a number of international cyber hygiene standards and best practices, to which there may formerly have been no way of demonstrating compliance because they do not have assessments and certification associated with them.
The scheme is an important first step for many organisations in proving that they are serious about cyber security. It is one pre-requisite to the next step of certifying to the comprehensive risk based and policy driven standard, IASME Cyber Assurance.
The IASME Cyber Assurance is IASME’s comprehensive, flexible, risk-based certification scheme that was developed for SMEs as an effective and legitimate alternative to ISO27001. Certification provides assurance that an organisation has put into place a range of important cyber security, privacy and data protection measures and is starting to play a key role in securing supply chains in the UK and abroad.
IASME has recently partnered with Bermuda’s Office of the Privacy Commissioner ( PrivCom) to deliver the IASME Cyber Assurance standard which allows organisations to demonstrate their compliance with Bermuda’s privacy regulations, Personal Information Protection Act (PIPA).
IASME Cyber Baseline is an annually renewable certification that can:
- Demonstrate that your organisation has the basic cyber hygiene in place to help protect your data and customers against mass automated attacks from the internet
- Open doors to new customers and procurement frameworks, allowing your organisation to compete for contracts which require evidence of cyber security
- Demonstrate that your organisation aligns with global cyber hygiene and cyber security frameworks* (*such as Cobit, CIS Controls v8)
- Provide a first step towards IASME Cyber Assurance certification
The 8 themes of IASME Cyber Baseline
The IASME Cyber Baseline scheme allows every size of organisation in every sector to start their cyber security journey with simple cyber security measures along 8 themes. As organisations increase their maturity, they may choose to continue developing their security posture towards including the full 13 themes of IASME Cyber Assurance.
How does the scheme work?
The IASME Cyber Baseline assessment consists of a verified assessment questionnaire which must be answered on the on-line assessment platform after registering for certification. A senior member of the board or equivalent from your organisation must e-sign a document to verify that all the answers are true and then a qualified external Assessor will mark the answers.
How much does it cost?
The pricing of IASME Cyber Baseline has a tiered structure based on organisation size. Prices will be featured in British pounds and US dollars and start from £300 + VAT for an assessment for micro-organisations. Small, medium and large organisations pay a little more, on a sliding scale up to a maximum of £500 which aims to reflect the complexity involved in assessing larger organisations.
The IASME International Certification Bodies
IASME is increasing its network of cyber security companies and Assessors around the world who are trained and licensed to certify organisations against the IASME Cyber Baseline and Assurance standards.
If you are interested in finding out more about becoming an IASME Cyber Baseline Assessor, you can find more details about requirements for Assessors by emailing our Training Team on [email protected]