IASME Governance Audited

Maps to The Government’s 10 steps to cyber security & NIS Directive

The audited IASME Governance standard is IASME’s highest level of certification and is an excellent alternative to ISO 27001 for small and medium sized organisations

Apply Now

The standard includes all of the five Cyber Essentials technical topics and adds additional topics that mostly relate to people and processes, for example:

Risk assessment and management

Monitoring

Change management

Training and managing people

Backup

Incident response and business continuity

By gaining the Audited IASME Governance certificate your organisation is achieving IASME’s highest level of certification and providing assurance to customers and suppliers that your organisation’s security has been audited by a skilled, independent third-party.

WHERE IS THE IASME GOVERNANCE AUDITED STANDARD USED?

The procurement teams of many large companies will accept the IASME Governance Audited standard as independent confirmation of good information and cyber security practice.

This is extremely useful when trying to win tenders and renew contracts, particularly where supplier requirements mention ISO 27001.

For example, The Government of Jersey is one organisation that has specified IASME Governance Standard within its security standards document.

HOW IS THE ASSESSMENT CARRIED OUT?

The first step towards achieving the IASME Governance Audited standard is to contact one of IASME’s Certification Bodies for a quote. You can do this through an online form and we will ask two Certification Bodies in your region to send you a quote.

Your chosen Certification Body will then discuss with you the scope of the assessment and arrange a mutually convenient time to visit your organisation’s head office to carry out an audit of your policies and process.

This audit usually involves interviews with members of staff and a review of documentation and system configuration.

It does not involve a technical assessment unless you are being assessed to Cyber Essentials PLUS at the same time, although it may be helpful to have technical staff available to provide evidence to the assessor of your system configuration.

The assessor may also wish to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation.

RENEWAL

The audited certification is renewed at the end of years 1 and 2 by simply renewing the online IASME Governance assessment.

At the end of year 3 a full audit, as described above, is required again to renew the certification.

Find Out More

Have a look at our Frequently Asked Questions or speak to our team

FAQs

Cookie	Type	Duration	Description
cookielawinfo-checkbox-analytics		1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-analytics	persistent	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary		1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-necessary	persistent	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary		1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non-necessary".
cookielawinfo-checkbox-non-necessary	persistent	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non-necessary".

Cookie	Type	Duration	Description
__cfduid		1 month	The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
__cfduid	persistent	1 month	The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
_ga		2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga	persistent	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag		1 minute	Used to throttle too many requests from being issued within a short time. This is part of the Google Analytics suite of services.
_gat_gtag	persistent	1 minute	Used to throttle too many requests from being issued within a short time. This is part of the Google Analytics suite of services.
_gid		1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
_gid	persistent	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
_hjAbsoluteSessionInProgress	persistent	30 minutes	This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	Session	1 year	This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	persistent	365 days	Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
ajs_anonymous_id	persistent	365 days	This cookie is set by Segment as a randomly generated ID for anonymous users.