Become an Assessor

We licence the delivery of Cyber Essentials (basic and Plus) assessments and IASME governance assessments (including GDPR readiness) to a number of highly professional companies. These companies are known as Certification Bodies. Each assessor within those Certification Bodies must go through training and pass the relevant assessments and exams.

IASME ASSESSOR ROLES

The following assessor roles are recognised by IASME but one person can take on as many of these roles as they want. One person can assess against all of these roles or just one. The only limitation is that you also need to be a Cyber Essentials basic assessor if you want to be an IASME Governance assessor.

  • Cyber Essentials (basic) assessor
  • Cyber Essentials Plus assessor
  • IASME Governance assessor

Each of these roles require a one day training course. All the training is currently delivered remotely.

The costs are as follows:

  • Cyber Essentials (basic) training – £800 (includes the cost of Cyber Essentials certification)
  • IASME Governance training – £800 (includes the cost of IASME Governance basic and audited certification and also the IASME Quality Principles certification)
  • Cyber Essentials Plus training – £500

For individuals who already are Cyber Essentials assessors but want to become an IASME Governance assessor they only need attend the IASME Governance training day but the cost for that day is £1,000 which includes the cost of IASME Governance basic and audited certification and also the IASME Quality Principles certification.

CYBER ESSENTIALS

ASSESSOR COURSE

To become a basic level Cyber Essentials Assessor, you will first need to have 3 years’ experience of working in IT or Cyber Security and be based in the UK or Crown Dependancies.  You will also need to pass the free Assessor Skills exam unless you already hold one of these qualifications:

  • CISSP
  • CISM
  • Certified Professional (CCP) SIRA, IA Auditor or IA Architect roles at Practitioner-equivalent level or above
  • ISO27001 Lead Auditor

You will then need to attend and complete the one day Cyber Essentials course and pass the exam. As part of this course, and included in the cost, your company will complete the Cyber Essentials verified self-assessment.

After passing this course, you will be qualified to assess against Cyber Essentials (basic).

If you need to pass the Assessor Skills exam then please contact us and we will send you the details.

IASME Governance ASSESSOR COURSE

To become an IASME Governance Assessor, you will first need to have 3 years’ experience of working in IT or Cyber Security and also pass the free Assessor Skills exam unless you already hold one of these qualifications:

  • CISSP
  • CISM
  • Certified Professional (CCP) SIRA, IA Auditor or IA Architect roles at Practitioner-equivalent level or above
  • ISO27001 Lead Auditor

You will then need to attend and complete the one day IASME Governance Assessor course and pass the exam. As part of this course, and included in the cost, your company will complete the Cyber Essentials and IASME governance verified self assessment, the IASME Quality Principles verified self-assessment and also have an on-site audit against the IASME Governance standard.

After passing this course you will be paired up with another trainee Certification Body and you will need to conduct a mutual on-site governance audit. These can be conducted remotely at the moment but there is a requirement for a site visit at a later date. After you have completed this and successfully been certified by your partner trainee, you will be qualified to assess against Cyber Essentials (basic) and the IASME Governance standard (basic and audited), including the GDPR requirements.

If you need to pass the Assessor Skills exam then please contact us and we will send you the details.

CYBER ESSENTIALS PLUS

ASSESSOR COURSE

If you want to assess against Cyber Essentials Plus you need to already have 3 years experience of working in IT or Cyber Security and be based in the UK or Crown Dependancies.  In order to deliver Cyber Essentials Plus assessments, every Certification Body will need at least one ‘Lead Assessor’.  A Lead Assessor must hold one of the qualifications listed below:

  • CREST Registered Penetration Tester
  • CREST Certified Infrastructure Tester
  • Cyber Scheme Team Member (CSTM)
  • Cyber Scheme Team Leader (CSTL)
  • EC-Council Certified Security Analyst (ECSA):
    Penetration Testing practical
  • Offensive Security Certified Professional (OSCP)
  • TigerScheme Team Member (CTM/QSTM)
  • TigerScheme Team Leader (CTL/SST)

All other CE+ assessors within the same Certification Body will be required to have at least 3 years experience of working in IT or Cyber Security and pass the Vulnerability Assessment Plus exam.  This exam has been developed by IASME and NCSC and more details will be published soon.

All Cyber Essentials Plus assessors will then need to take part in and pass the online Cyber Essentials Plus training course.

You will also need to attain Cyber Essentials Plus certification for your company. We encourage the attendees on the course who pass to pair up and assess each other against Cyber Essentials Plus once they have become Certification Bodies.

CONTRACT

Once the Assessor has successfully completed the training, gained the relevant certification and passed the exams / assessments the company they work for can become a Certification Body. All Certification Bodies need to sign and return the associated contract.

All Certification Bodies have to show they meet both security and quality requirements.  They can do this by holding one of these security certifications

  • Achieving UKAS-accredited ISO 27001 certification
  • Achieving audited IASME Governance Gold certification

They also need to hold one of these quality requirements:

  • Achieving UKAS-accredited ISO 9001 certification
  • Achieving the IASME Governance Quality Principles alongside an IASME Governance Gold certification
  • Achieving the QG Quality Fundamentals+ certification

If your company is interested in becoming a Certification Body please contact us. Your professionalism, expertise and attitude is more important to us than size and we are happy to licence to companies of all sizes.

IASME ACCREDITED TRAINING COURSES

The Cyber Essentials Scheme is changing from April 2020. The new training courses to prepare assessors are under development and as soon as it is ready we will schedule the courses and list them here. If you would like us let you know when they are ready then please contact us and let us know.

COURSE TITLELOCATIONDATECOSTORGANISERCONTACT
Cyber Essentials Plus AssessorWebinar23 Sep 2020£500IASME[email protected]
Cyber Essentials AssessorWebinar14 Oct 2020£800IASME[email protected]
IASME Governance AssessorWebinar15 Oct 2020£800IASME[email protected]
Cyber Essentials Plus AssessorWebinar28 Oct 2020£500IASME[email protected]
Cyber Essentials AssessorWebinar04 Nov 2020£800IASME[email protected]
IASME Governance AssessorWebinar05 Nov 2020£800IASME[email protected]
Cyber Essentials Plus AssessorWebinar18 Nov 2020£500IASME[email protected]
Cyber Essentials AssessorWebinar09 Dec 2020£800IASME[email protected]
IASME Governance AssessorWebinar10 Dec 2020£800IASME[email protected]
Cyber Essentials Plus AssessorWebinar16 Dec 2020£500IASME[email protected]

Find Out More

Have a look at our Frequently Asked Questions or speak to our team