IASME Governance Standard at a Glance
The IASME Governance Standard is a step up in security from Cyber Essentials.
The IASME Governance Standard has been tailored specifically for small companies. It is a realistic and affordable way for SMEs to demonstrate that they are following best practice, and have taken into account the requirements of General Data protection regulation (GDPR).
Building on the technical controls of Cyber Essentials, IASME requires that a basic information security management system is in place. This involves you considering the cyber risks you face and being able to implement a implement appropriate security measures
Management regime with controls in
Identification of what is important to the organisation and what needs to be secured.
Protection to make it as secure as possible within the risk profile of organisation.
Detection of defects and vulnerabilities in business processes, accidental or deliberate security incidents and avoiding of attacks.
4 Respond and Recover
Response and recovery from incidents in line with the level of resilience needed by the business.
Levels of Certification
The organisation answers questions about how security is managed within their organisation. To pass certification most questions need to be answered positively. A board member asserts that the questions have been answered honestly.
The questions are marked by an accredited assessor who is a security professional and has been through training and licensed with IASME.
See FAQ for common Questions about Self-Assessments.
IASME Governance Audited
Having passed the basic self-assessment, organisations can opt to upgrade their certifications to IAME Governance Audited
Security measures are verified by an independent auditor, providing further proof you are following the requirements of your chosen standard.
Organisations are expected to complete audited certification with 3 months of having passed the self-assessment level.
See FAQ for common Questions about Cyber Essentials Plus
For more information Cyber Essentials certification click here
For a comparison of the Cyber Essentials is the IASME Governance Standard available