The IASME Cyber Assurance standard, formerly known as IASME Governance, is a comprehensive, flexible and affordable cyber security standard. It provides assurance that an organisation has put into place a range of important cyber security, privacy and data protection measures.

About IASME Cyber Assurance

The IASME Cyber Assurance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to other international standards. It allows small and medium enterprises in a supply chain to demonstrate their level of cyber security for a realistic cost and indicates that they are taking good steps to properly protect their customers’ information.

A wide range of UK and International industry sectors now accept the Level 2 audited IASME Cyber Assurance certification as an alternative to other international standards. Examples are the UK Ministry of Justice and the Government of Jersey. This is a significant step towards reducing barriers to entry for smaller organisations in a supply chain as IASME Cyber Assurance gives SMEs a legitimate way to prove their compliance.

The IASME Cyber Assurance certification includes GDPR requirements and is available in two levels: Level One Verified Assessment and Level Two Audited.
]There is a prerequisite to applying for IASME Cyber Assurance; you must hold a valid Cyber Essentials or Cyber Baseline certificate throughout your IASME Cyber Assurance certification.
There is a prerequisite to applying for IASME Cyber Assurance; you must hold a valid Cyber Essentials certificate throughout your IASME Cyber Assurance certification.

ASME Cyber Assurance Level 1

IASME Cyber Assurance is risk based and includes key aspects of security such as incident response, asset management, people management, physical controls and GDPR compliance.

Level One certification is the first step along the certification pathway for IASME Cyber Assurance.

For the Level One certification, organisations are given access to a secure portal to complete their application and provide details against the Question Set.

The pricing structure for Level One certification is based on the size of the organisation applying for certification.

IASME Cyber Assurance Level 2

IASME Cyber Assurance Level Two involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by an IASME Certification Body and Assessor.

You will need to have completed the IASME Cyber Assurance Level One certification before you can progress to the Level Two audit.

To get a quote for your Level Two certification, please speak to your certification body.

The standard covers 13 themes across 5 areas of control.

IASME Cyber Assurance is risk based and includes key aspects of security such as incident response, asset management, people management, physical controls and GDPR compliance.

Level One certification is the first step along the certification pathway for IASME Cyber Assurance.

For the Level One certification, organisations are given access to a secure portal to complete their application and provide details against the Question Set.

The pricing structure for Level One certification is based on the size of the organisation applying for certification.

Pricing Structure

ca-image

Micro Organisations

0-9 Employees

$390

Small Organisations

10-49 Employees

$520

Medium Organisations

50-249 Employees

$590

Large Organisations

250+ Employees

$650

IASME Cyber Assurance Level Two involves an audit of your processes, procedures and controls required by the standard. The audit is independent and conducted by an IASME Certification Body and Assessor.

You will need to have completed the IASME Cyber Assurance Level One certification before you can progress to the Level 2 audit.

To get a quote for your Level Two certification, please speak to your certification body.

The standard covers 13 themes across 5 areas of control.

cyber assurance themes and topics
IASME governance

On the 25th July 2022, IASME Governance was relaunched under IASME Cyber Assurance.
All certifications granted against the IASME Governance standard are still valid for the duration of the certificate, subject to continuous assessment and independent annual review.

From the 25th July 2022, you will be unable to start any new application against the IASME Governance standard.

If you have started your IASME Governance journey prior to the 25th July 2022, then you are still able to complete the process within a set timeline. Please so contact IASME or your Certification Body for details of this.

A wide range of UK and International industry sectors now accept the Level Two audited IASME Cyber Assurance certification as an alternative to other international standards. Examples are the UK Ministry of Justice and the Government of Jersey.
This is a significant step towards reducing barriers to entry for smaller organisations in a supply chain as IASME Cyber Assurance gives SMEs a legitimate way to prove their compliance.

The IASME Cyber Assurance certification includes GDPR requirements and is available in two levels: Level One Verified Assessment and Level Two Audited. There is a prerequisite to applying for IASME Cyber Assurance; you must hold a valid Cyber Essentials certificate throughout your IASME Cyber Assurance certification.

Find Out More

Have a look at our Frequently Asked Questions or speak to our team