What is IASME Cyber Assurance?
IASME Cyber Assurance is a comprehensive, flexible and affordable Cyber Security Standard. Compliance
with the Standard demonstrates that an organisation has implemented key cyber security, privacy and data
protection measures.
The standard sets out important cyber security measures, which include:
- Assessing and managing risk.
- Training.
- Setting practical policies.
- Implementing resilience strategies – Incident response, backing up data and business continuity planning.
It also addresses compliance with legal and regulatory requirements, such as the GDPR and the DPA 2018.
How does the certification process work?
Firstly, the applicant can download the latest copy of the standard directly from the IASME website. Once the standard has been implemented within the applicant's organisation, the next step would be to obtain accreditation, to verify the standard is being followed.This comes in the form of Cyber Assurance Level 1 and Level 2.
3B Data Security offer consultancy around the standard, for those who require further assistance in its implementation.
Cyber Assurance is available in two levels:
A verified self-assessment is conducted.
The organisation will be provided
access to a secure portal to answer
around 137 questions regarding the 13
themes of the standard. The
assessment is then marked by a
Certification Body to ensure the clients
implementation is in-line with the
standard. The Level 1 assessment must
be renewed annually.
An independent assessor will conduct
an on-site audit of the controls,
processes and procedures covered in
the IASME Cyber Assurance
standard. The audited version gives a
higher level of assurance and is pass
or fail. Passing the Level 1
assessment is the pre-request to
undertaking the Level 2 audit. The
Level 2 assessment must be renewed
every three years, whilst the Level 1
assessment is carried out annually.
Are there any prerequisites to achieve certification?
An organisation must hold Cyber Essentials Certification in order to implement Cyber Assurance Level 1.
Cyber Assurance Level 1 is a prerequisite to Level 2.
Cyber Assurance Level 1 is a prerequisite to Level 2.
Cyber Assurance Benefits
Helps your organisation identify and address potential security threats.
Gives SMEs a legitimate way to prove their compliance.
Quicker and more affordable to achieve than ISO 27001.
A wide range of sectors now accept Cyber Assurance certification as an alternative to ISO 27001 for small companies.
Demonstrates to customers, partners and stakeholders that you take cyber security and data protection seriously.
