IASME Governance

iasme-gov-home-page-text

IASME Governance
from £745

Goes beyond Cyber Essentials with additional tests for Information Assurance governance and GDPR. Self assessment questionnaire including our pre-assessment check.

IASME Governance Audited
from £2,495

The audited IASME Governance standard is IASME’s highest level of certification and is an excellent alternative to ISO 27001 for small and medium sized organisations.

trustpilot-excellent-stars.fw
Powered by Stripe - white
Untitled-2.fw
cyber essentials plus certification body.fw
cyber resilience centre trusted partner.fw
crown commercial service supplier.fw
IASME GOVERNANCE

Government backed cyber security standard, alternative to ISO27001

The IASME Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO 27001.

IASME Governance
accreditation scope

What is the scope of IASME Governance?

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes. It also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

- Risk assessment and management
- Monitoring
- Change management
- Training and managing people
- Backup
- Incident response and business continuity

the process

What is the difference between IASME Governance Self Assessed and IASME Governance Audited?

Based on international best practice, IASME Governance is risk based and includes key aspects of security such as incident response, staff training, planning and operations. IASME Governance incorporates Cyber Essentials assessment and an assessment against the General Data Protection Regulation (GDPR).

The IASME Governance Audit involves an on-site audit of your governance processes and procedures covered by the IASME Governance standard. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation.

In the current climate, IASME Governance audits are being carried out remotely by our Assessors.

guidance and support

How is the assessment carried out?

The IASME Governance self-assessed stage is a self-assessed questionnaire where we provide access to an online portal where you can complete the questionnaire in your own time. Once you submit your answers we review your submission and schedule a feedback call to discuss any non-compliances.

IASME Governance audited usually involves interviews with members of staff and a review of documentation and system configuration. It does not involve a technical assessment unless you are being assessed to Cyber Essentials Plus at the same time.

We may need to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation.

business benefits

What are the benefits of achieving IASME Governance?

The three part process which encompasses Cyber Essentials, IASME Governance and an assessment against the GDPR provides assurance to your stakeholders that your security has been audited by a skilled , independent third party giving your organisation the competitive advantage.

Formalise your security

Get a clear picture of your organisations current cyber security level and ensure processes are documented.

Set yourself apart

It's a great selling point for your business too. No matter who the client is from an SME to a FTSE 100 company, they want to know you take security seriously.

Win business

Meet eligibility requirements for certain government and MOD supply chain contracts.

Christoffer
Christoffer
2021-07-14
Verified
Fast efficient and knowledgeable - our certification process was smooth and we had only good experiences with the representatives of the company.
TLC
TLC
2021-07-01
Verified
Cyberlab were incredibly helpful and supportive in helping our company achieve Cyber Essentials, we wouldn't hesitate to recommend them!
Gary Williams
Gary Williams
2021-06-24
Verified
A great team at Cyberlab Ryan and Hugo are a pleasure to work with and offer a range of experience and expertise - highly recommended to anyone needing to talk about their business' security posture.
Flynn Nash
Flynn Nash
2021-06-02
Verified
Cyberlab was an absolute pleasure to work with. Incredibly transparent and responsive throughout the whole process. Ultimately delivering high-quality services. Highly recommend.
Conal Maguire
Conal Maguire
2021-05-13
Verified
Excellent service Ryan at Cyberlab provided an excellent service a few months ago when we went for both Cyber Essentials and Cyber Essentials Plus certification. He explained the process very well, and exactly what was expected. He was available to answer any and all questions I posed to him and turned what could have been an arduous task into a relatively painless experience. I wouldn't hesitate to use Cyberlab again and would be happy to recommend them to other businesses.
Robbie
Robbie
2021-04-15
Verified
Support and communication 1st class throughout the whole process.
Tom Slattery
Tom Slattery
2021-04-14
Verified
Very professional and efficient service
Formic Limited
Formic Limited
2021-04-12
Verified
Great Service from Start to Finish, highly recommended! We were looking to move from our current provider of many years due to annual price increases of unprecedented levels and found Cyberlab on a google search. We spoke with Ryan and he explained their process and pricing to us. We selected Cyberlab to do our Cyber Essentials Plus Recertification. We have found them very efficient, cost effective, helpful and courteous throughout the process. We have no hesitation in recommending Cyberlab.
Carol Davies
Carol Davies
2021-04-01
Verified
Excellent, efficient service received from Ryan from start to finish. Portal easy to navigate and populate

IASME Governance FAQ

The Cyber Essentials Scheme is a Government scheme that helps organisations to guard against the most common cyber threats from the internet and demonstrate commitment to cyber security. It covers five main technical controls which will protect companies against an estimated 80% of common internet threats. The controls are:

  • Secure your Internet connection (Firewalls and routers)
  • Secure your devices and software (Secure configuration)
  • Control access to your data and services (Access control)
  • Protect from viruses and other malware (Malware protection)
  • Keep your devices and software up to date (Software updates)

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes. It also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

No – Cyber Essentials Plus is an audited level of the Cyber Essentials assessment, testing the 5 Cyber Essentials controls only. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation, against the IASME Governance standard. It is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.  The standard includes GDPR requirements and adds additional topics that mostly relate to people and processes, for example:

  • Risk assessment and management
  • Training and managing people
  • Change management
  • Monitoring
  • Backup
  • Incident response and business continuity

IASME have mapped IASME Governance to a variety of standards including ISO 27001. For more information please click here.

IASME Governance self assessed is valid for 12 months, IASME Governance Audited is valid for 36 months.

We would normally require the Cyber Essentials and IASME Governance to be assessed at the same time, but they can be done separately provided that the IASME Governance is completed within 6 months of the Cyber Essentials certification.

We will email you with a reminder in advance of your expiry date outlining the steps involved in order to work through your renewal.

Yes, once you have achieved IASME Governance you can display both the Cyber Essentials and IASME Governance badges on your website and marketing collateral.

Getting certified is quick and easy and can be completed in three quick and easy steps.

Firstly, our expert team will guide you through by sending documentation which you can use to prepare yourselves for the online assessment.

Secondly, you will log on to the online portal and complete your self-assessment questionnaire. When you’re ready, you submit your assessment via the portal to be marked by our assessor.

Finally, if you are successful, we’ll issue your two certificates and you can publish the Cyber Essentials and IASME Governance badges on your website and email footers. You can then take advantage of our Free Cyber Insurance up to the value of £25,000.

Got Questions →

If there’s something you’d like to discuss, feel free to give us a call, drop us an email, or write to us using the contact information provided. We look forward to hearing from you!

Looking for Cyber Essentials →

Cyber Essentials is government backed cyber security accreditation which consists of a self assessment questionnaire and optional pre-assessment check with feedback call.

Ready to start your IASME Governance accreditation?