NCSC Cyber Incident Exercising

NCSC Cyber Incident Exercising Scheme

IASME is a Delivery Partner for a new National Cyber Security (NCSC) scheme to help you find high-quality providers of Cyber Incident Exercising services.

Organisations that have good incident response plans are best placed to respond to cyber attacks and can get back up and running again quicker than those without. Cyber incident exercising allows your organisation to test its cyber incident response plans and make improvements before a cyber attack occurs.

Get help testing your incident response plan with a provider who has been assured by the NCSC via the Cyber Incident Exercising Scheme. The assurance process, operated by IASME, ensures that the provider meets the NCSC’s rigorous standards for high quality cyber incident exercising, with sufficient skills and experience of running cyber exercises such as table top and live play exercises.

The scheme is aimed at incidents that fall into category 3, 4 and 5 of the UK’s Cyber Attack categorisation system.

Further information can be found in the FAQ about Incident Exercising services here.

You can contact a CIE Assured Service Provider directly. A list of providers can be found below and on the NCSC website.

For information about becoming an Assured Service Provider, please scroll down.

NCSC Assured Service providers for Cyber Incident Exercising

Company NameLocation
CyberCrowd Limited

Oxford Square, Second Floor, St Anthony’s House, Newbury, Berkshire, RG14 1JQ

Evolve North

Gatherley House, Richmond, Richmond, North Yorkshire, DL10 6QH

Storm Guidance Limited

First Floor, 99 Bishopsgate, London, EC2M 3XD

Right Cue

The Square, Basing View, Basingstoke, Hampshire, RG21 4EB

Cyber Chain Alliance Ltd


URM Consulting Services Ltd

Blake House, Manor Farm Park, Manor Farm Road, Reading, Berkshire, RG2 0JH

Templar Executives Limited

83 Victoria Street, London, SW1H 0HW

Vertical Structure Ltd

1 Edward Street, Belfast, BT1 2LR

I’m a cyber security company and I’d like to become an Assured Service Provider for Incident Exercising

Applications are open to all companies who can meet the NCSC’s Technical Standard for Incident Exercising. 

IASME works with companies of all sizes across all our schemes, including micro and small businesses. In fact, our company was originally established to help smaller organisations get into cyber security! So, if you are a smaller organisation and can meet the standard, we can help you get assured.

The process involves an initial application where we verify a few details about your company, including your quality and security certifications. The next stage is to complete an online assessment where you will need to provide evidence of your experience in offering incident exercising services as well as case studies and references from previous clients. Your application is then assessed (and you may be asked for further information). You will then receive the outcome. If you have successfully demonstrated your ability to meet the requirements, you can then join the scheme as an Assured Service Provider.

There is an onboarding cost of £1,100 + VAT.

Further details about the process, including ongoing costs and timeframes, can be found in the Frequently Asked Questions page.

When you are ready to start the process, please contact our customer services team [email protected]. If you have any questions, please do give us a call on 0330 088 2752.