The Governance standard by IASME was developed over several years as part of a government-funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO 27001.
The IASME Governance standard allows smaller businesses to demonstrate their level of cyber security for a realistic cost and show stakeholders that they have a security management system in place to properly protect their customers’ information as well as other sensitive information.
The IASME Governance assessment includes a Cyber Essentials assessment as well as GDPR requirements and can be completed either as a self-assessment or as an on-site audit.
IASME Governance Audited
– Price on Application
An IASME Governance Audit requires an on-site audit of your governance processes and procedures covered by the IASME Governance standard. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation. It offers a similar level of assurance to the internationally recognised ISO 27001 standard but is simpler and often more cost-effective for small and medium-sized organisations to implement.
The audited IASME Governance standard is IASME’s highest level of certification and is an excellent alternative to ISO 27001 for small and medium-sized organisations.
IASME Governance Includes:
The standard includes all five of the Cyber Essentials technical topics and adds further topics that mostly relate to people and processes. For example:
- Risk Assessment & Management
- Change Management
- Training and Managing People
- Incident Response & Business Continuity
By gaining the Audited IASME Governance certificate your organisation is achieving IASME’s highest level of certification and providing assurance to customers and suppliers that your organisation’s security has been audited by a skilled, independent third-party.
The audited certification is renewed at the end of years 1 and 2; Solutions 4 IT will contact you before this date to arrange it. At the end of year 3 a full audit, as described above, is required again to renew the certification.
WHERE IS THE IASME GOVERNANCE AUDITED STANDARD USED?
The procurement teams of many large companies will accept the IASME Governance Audited standard as independent confirmation of good information and cyber security practice.
This is extremely useful when trying to win tenders and renew contracts, particularly where supplier requirements mention ISO 27001.
For example, the Government of Jersey is one organisation that has specified the IASME Governance standard within its security standards document.
HOW IS THE ASSESSMENT CARRIED OUT?
The first step towards achieving the IASME Governance Audited standard is to contact Solutions 4 IT for a quote. You can do this by filling in the form on this page and one of our experts will be in touch.
Solutions 4 IT are a Certification Body for IASME. If you choose to move forward with an audit, we will discuss the scope of the assessment with you and arrange a mutually convenient time to visit your organisation’s head office to carry out an audit of your policies and processes.
The audit usually involves interviews with members of staff and a review of documentation and system configuration.
It does not involve a technical assessment unless you are being assessed to Cyber Essentials PLUS at the same time, although it may be helpful to have technical staff available to provide evidence to the assessor of your system configuration.
The assessor may also wish to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation.