IASME Cyber Assurance Level Two involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by an IASME Certification Body and Assessor. You will need to have completed the IASME Cyber Assurance Level One certification before you can progress to the Level 2 audit.
To get a quote for your Level Two certification, please speak to your Certification Body.
Your chosen Certification Body will discuss with you the scope of the assessment and arrange a mutually convenient time to visit your organisation’s head office to carry out an audit of your policies and process. This audit usually involves interviews with members of staff and a review of documentation and system configuration.
It does not involve a technical assessment unless you are being assessed to Cyber Essentials PLUS at the same time, although it may be helpful to have technical staff available to provide evidence to the assessor of your system configuration.
The assessor may also wish to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation.
There is a prerequisite to applying for IASME Cyber Assurance; you must hold a valid Cyber Essentials certificate throughout your IASME Cyber Assurance certification.