IASME Governance

iasme-gov-home-page-text

IASME Governance
from £745

Goes beyond Cyber Essentials with additional tests for Information Assurance governance and GDPR. Self assessment questionnaire including our pre-assessment check.

IASME Governance Audited
from £2,495

The audited IASME Governance standard is IASME’s highest level of certification and is an excellent alternative to ISO 27001 for small and medium sized organisations.

trustpilot-excellent-stars.fw
Powered by Stripe - white
Untitled-2.fw
cyber essentials plus certification body.fw
cyber resilience centre trusted partner.fw
crown commercial service supplier.fw
IASME GOVERNANCE

Government backed cyber security standard, alternative to ISO27001

The IASME Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO 27001.

IASME Governance
accreditation scope

What is the scope of IASME Governance?

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes. It also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

- Risk assessment and management
- Monitoring
- Change management
- Training and managing people
- Backup
- Incident response and business continuity

the process

What is the difference between IASME Governance Self Assessed and IASME Governance Audited?

Based on international best practice, IASME Governance is risk based and includes key aspects of security such as incident response, staff training, planning and operations. IASME Governance incorporates Cyber Essentials assessment and an assessment against the General Data Protection Regulation (GDPR).

The IASME Governance Audit involves an on-site audit of your governance processes and procedures covered by the IASME Governance standard. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation.

In the current climate, IASME Governance audits are being carried out remotely by our Assessors.

guidance and support

How is the assessment carried out?

The IASME Governance self-assessed stage is a self-assessed questionnaire where we provide access to an online portal where you can complete the questionnaire in your own time. Once you submit your answers we review your submission and schedule a feedback call to discuss any non-compliances.

IASME Governance audited usually involves interviews with members of staff and a review of documentation and system configuration. It does not involve a technical assessment unless you are being assessed to Cyber Essentials Plus at the same time.

We may need to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation.

business benefits

What are the benefits of achieving IASME Governance?

The three part process which encompasses Cyber Essentials, IASME Governance and an assessment against the GDPR provides assurance to your stakeholders that your security has been audited by a skilled , independent third party giving your organisation the competitive advantage.

Formalise your security

Get a clear picture of your organisations current cyber security level and ensure processes are documented.

Set yourself apart

It's a great selling point for your business too. No matter who the client is from an SME to a FTSE 100 company, they want to know you take security seriously.

Win business

Meet eligibility requirements for certain government and MOD supply chain contracts.

Kath
Kath
2021-03-25
Verified
great service and fast, professional support when needed. Thanks Cyberlab
Chris Goddard
Chris Goddard
2021-03-19
Verified
Our onboarding was very smooth. It's great to know that our cyber security is in the hands of people who know their stuff
Helen Kelly
Helen Kelly
2021-03-18
Verified
We chose Cyberlab to help us develop our cyber security strategy and achieve Cyber Essentials Plus. The platform is easy to navigate and it's easy to find important data. We also receive great support from the Cyberlab team.
James Cartwright
James Cartwright
2021-03-17
Verified
A great organisation to work with. We used them for our Cyber Essentials certification and found them to be most helpful in gaining this. Super quick process from start to finish, never not on the end of an email or telephone to talk to.
Cleverclogs Multimedia LTD
Cleverclogs Multimedia LTD
2021-03-02
Verified
After much research we found Cyberlab. Ryan was my contact from the day one initial quote through Cyber Essentials, Cyber Essentials Audit, IASME Governance self-certified and on to our IASME Governance GOLD certification. The understanding, support and guidance we received from Ryan was simply outstanding. I can’t recommend Cyberlab enough.
Charles Blane
Charles Blane
2021-02-11
Verified
Lloyd
Lloyd
2021-01-13
Verified
We searched the market extensively and evaluated over seven different companies. They varied in price and skillset, we found Cyberlab had a fair price (in the middle third) and an excellent understanding of our needs, the work that needed to be done and this skill set and superior knowledge meant they were the right partner for us. We have bought more services from them since and I would highly recommend them as a 'go to' cyber security and GDPR consultant and auditor. We will use them now for many years going forwards.
Ahmed Khan
Ahmed Khan
2020-11-10
Verified
Madeleine
Madeleine
2020-11-10
Verified
Excellent service, clear advice and guidance for a non techy person!

IASME Governance FAQ

The Cyber Essentials Scheme is a Government scheme that helps organisations to guard against the most common cyber threats from the internet and demonstrate commitment to cyber security. It covers five main technical controls which will protect companies against an estimated 80% of common internet threats. The controls are:

  • Secure your Internet connection (Firewalls and routers)
  • Secure your devices and software (Secure configuration)
  • Control access to your data and services (Access control)
  • Protect from viruses and other malware (Malware protection)
  • Keep your devices and software up to date (Software updates)

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes. It also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

No – Cyber Essentials Plus is an audited level of the Cyber Essentials assessment, testing the 5 Cyber Essentials controls only. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation, against the IASME Governance standard. It is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.  The standard includes GDPR requirements and adds additional topics that mostly relate to people and processes, for example:

  • Risk assessment and management
  • Training and managing people
  • Change management
  • Monitoring
  • Backup
  • Incident response and business continuity

IASME have mapped IASME Governance to a variety of standards including ISO 27001. For more information please click here.

IASME Governance self assessed is valid for 12 months, IASME Governance Audited is valid for 36 months.

We would normally require the Cyber Essentials and IASME Governance to be assessed at the same time, but they can be done separately provided that the IASME Governance is completed within 6 months of the Cyber Essentials certification.

We will email you with a reminder in advance of your expiry date outlining the steps involved in order to work through your renewal.

Yes, once you have achieved IASME Governance you can display both the Cyber Essentials and IASME Governance badges on your website and marketing collateral.

Getting certified is quick and easy and can be completed in three quick and easy steps.

Firstly, our expert team will guide you through by sending documentation which you can use to prepare yourselves for the online assessment.

Secondly, you will log on to the online portal and complete your self-assessment questionnaire. When you’re ready, you submit your assessment via the portal to be marked by our assessor.

Finally, if you are successful, we’ll issue your two certificates and you can publish the Cyber Essentials and IASME Governance badges on your website and email footers. You can then take advantage of our Free Cyber Insurance up to the value of £25,000.

Got Questions →

If there’s something you’d like to discuss, feel free to give us a call, drop us an email, or write to us using the contact information provided. We look forward to hearing from you!

Looking for Cyber Essentials →

Cyber Essentials is government backed cyber security accreditation which consists of a self assessment questionnaire and optional pre-assessment check with feedback call.

Ready to start your IASME Governance accreditation?