IASME is one of just five companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. The Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years.
IASME Governance Standard
The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME standard was recently recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups. The IASME governance self assessment includes the Cyber Essentials assessment within it.
The audited IASME certification is seen as a realistic alternative to ISO27001 by an increasing number of companies.
General Data Protection Regulations (GDPR)
Based on current government guidance and policy it is likely that any organisation proposing to offer goods and services to EU members states will need to comply with the EU General Data Protection Regulations (GDPR) from May 2018. IASME offers the option to be assessed against GDPR requirements as part of the IASME Governance assessment.
Certification against both IASME governance and the Cyber Essentials will indicate a good level of all-round information security. This will be particularly true if you also pass the GDPR assessment questions and indicate that you have made efforts to ensure your company is ready for the introduction of the regulation.