IASME Cyber Baseline logo orange circle with a tick

Frequently Asked Questions

What is IASME Cyber Baseline?

IASME Cyber Baseline is an international cyber hygiene certification scheme that tackles the basic, but critical, cyber security protection measures. The scheme is an important first step for many organisations in proving that they are serious about cyber security. It is a pre-requisite to the next step of certifying to the comprehensive risk-based and policy-driven standard, IASME Cyber Assurance.

How do I certify?

The IASME Cyber Baseline assessment consists of a verified assessment questionnaire which must be answered on the assessment platform after registering for certification. A senior member of the board or equivalent from your organisation must e-sign a document to verify that all the answers are true and then a qualified external Assessor will mark the answers. Organisations have 6 months from the date of application to pass the assessment and attain certification.

Prepare – Register – Pay – Complete – Certify

You can download the assessment questions free of charge before you certify. It is a good idea to prepare your answers in advance on a working document or spreadsheet which you can copy onto the assessment platform when you are ready. When you wish to apply, register for certification and make a payment.

Download the IASME Cyber Baseline assessment questions
Apply Now for IASME Cyber Baseline

Once your application and payment have been received, you will receive your online assessment portal log-in details so that you can enter your answers into the on-line assessment platform.

It is possible to cut and paste your answers from the preparation spreadsheet onto the assessment platform, but your completed answers on a spreadsheet will not be accepted for assessment. The questions address the scope of the assessment and the cyber security measures around 8 themes. These include organisation structure, asset management, secure architecture, people management, access control, technical intrusion, back up and restore and resilience. You do not have to complete all of your answers at once – you can save them as you go along.

Please note there is a time limit of 6 months from when you purchase your assessment account to completing the assessment. Once you have submitted your assessment for marking, your Assessor may send you feedback. You then have 2 working days to address any feedback.

Once you submit your answers, it will usually take 2 – 3 days to get the result back to you. If you have a tight deadline for certification, then please let us know and we will do our best to help you meet it.

How much does it cost?

The pricing of IASME Cyber Baseline has a tiered structure based on organisation size. Prices start from $390£300 + VAT€360 for an assessment for micro-organisations. Small, medium and large organisations pay a little more, on a sliding scale up to a maximum of $650£500 + VAT€590, which aims to reflect the complexity involved in assessing larger organisations (see table below).


Pricing Structure


Micro Organisations

0-9 Employees

$390£300 + VAT€360

Small Organisations

10-49 Employees

$520£400 + VAT€470

Medium Organisations

50-249 Employees

$590£450 + VAT€530

Large Organisations

250+ Employees

$650£500 + VAT€590

How do I pay?

At the checkout you can pay via card or your PayPal account using the PayPal platform, or alternatively, you can request an invoice be sent to you so you can pay via bank transfer (BACS).

How long will it take me?

It is a good idea to download the question set in advance (available for free from the website here) and prepare the answers before applying. By doing this, you can ensure that there are no unexpected aspects that may take a significant amount of time to comply with. As soon as you have paid, we will send you login details for your online assessment portal.  You will have 6 months to complete your assessment before your account is deleted and unfortunately, we cannot issue a refund if this happens.

If you have prepared your answers in advance, filling out the self-assessment might only take about an hour. Once the questions have been submitted, most Assessors will aim to get the results back to you within 3 days.  If you have not been successful, you will then have 2 working days to address the issues, update your answers and resubmit.  The Assessor will then aim to take no more than 3 days to remark the assessment. If you have not included enough information for the Assessor to be able to mark a question, they will return it to you asking for more information.  This step will also take a few days.

How long does certification last?

IASME Cyber Baseline is an annually renewable certification.

How do I prepare?

It is a good idea to prepare your assessment answers early using a working document or spreadsheet. The current assessment question set is available to download from the link below as either a pdf or an excel spreadsheet.  

Download the IASME Cyber Baseline assessment questions here.

Who can help me?

Certification Bodies

IASME has a network of trained and licensed cyber security consultants which we call, Certification Bodies or CBs. These experts, located all over the world can support your organisation in preparing and certifying against IASME Cyber Baseline.

Further questions

Contact a member of the IASME team via email: [email protected]

Or phone: 03300 882 752

or via our website: https://iasme.co.uk/contact-us/ 

How will I get my assessment results and certificate?

IASME ensures that its certificates and badges are secure, transparent and verifiable by using BlockMark digital certificates. Your IASME Cyber Baseline certificate will be a digital BlockMark certificate.

You will first receive an email informing you of your assessment results, following that, you will receive a second email with an attachment of your certificate as a PDF. Within the second email, you will receive a link to create an account on BlockMark that will allow you to access and download your certificate as a digital badge and certificate.  You will be able to embed your badge in your email and website footer as verifiable proof you hold certification.  Your badge should only be used in accordance with the branding guidelines which you can see when you access your account to download your certificate.

 For more information about BlockMark certificates and accounts, please read our user guide here.

What is IASME Cyber Assurance?

IASME Cyber Assurance is a comprehensive risk based standard that covers 13 cyber security themes that include data privacy and policies and procedures. IASME Cyber Baseline allows organisations to start their cyber security journey focusing on 8 of the 13 themes and is a pre-requisite to certifying to IASME Cyber Assurance. 

Can I do IASME Cyber Baseline and IASME Cyber Assurance all in one go?

You can apply for IASME Cyber Baseline and IASME Cyber Assurance at the same time. However, you cannot start your IASME Cyber Assurance application until you have successfully achieved IASME Cyber Baseline.

Both standards have a tiered pricing structure and are chargeable separately.

How do I become an IASME Cyber Baseline Assessor or Certification Body?

To become an IASME Certification Body and Assessor, someone from your company will need to attend and pass the relevant Assessor courses.  More details about requirements for Assessors can be gained by emailing our Training Team on [email protected]
We work with companies of all sizes; micro companies and one person organisations are welcome partners.