The IASME Standard is an information assurance standard that is particularly relevant to small and medium sized businesses who want to demonstrate their commitment to cyber security but without the expense and complexity of ISO/IEC 27001 certification.
This standard is becoming a mandatory requirement for UK Government, Welsh Government, NHS Wales and Supply chains for companies supplying certain products and services.
A significant proportion of the standard is covered within Cyber Essentials, but IASME adds compliance aspects such as Risk Assessments, ICT Policy, Asset Management, Personnel Security, Physical Security, Monitoring, Backup & Restore, Incident Management, and Disaster Recovery.
By certifying to the IASME governance standard including the specific GDPR questions, you show your organisation has a wider governance system for management of the controls protecting personal data.
The IASME Standard, at a realistic cost, allows smaller companies within a supply chain to demonstrate their level of cyber security and that they are able to properly protect their customers information.
Available either as a guided self assessment through our online portal or by assessment by Capital Network Solutions as an IASME Certification Body, IASME offers a realistic and affordable way for SMEs to prove that they are following best practice.
If you pass this assessment you will receive a certificate with a "GDPR Ready" badge which you can use to demonstrate to you customers that you have put things in place to prepare for GDPR.
Larger businesses can also use the IASME certification as an alternative to the ISO/IEC BS27001 standard.