IASME Governance
Frequently Asked Questions

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes.

IASME governance certification also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

No – Cyber Essentials Plus is an audited level of the Cyber Essentials assessment, testing the 5 Cyber Essentials controls only.

IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation, against the IASME Governance standard. It is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

The standard includes GDPR requirements and adds additional topics that mostly relate to people and processes, for example: • Risk assessment and management
• Training and managing people
• Change management
• Monitoring
• Backup
• Incident response and business continuity

We suggest that the Cyber Essentials and IASME Governance are assessed at the same time, but they can be done separately provided that the IASME Governance is completed within 6 months of the Cyber Essentials certification.

We suggest that the Cyber Essentials and IASME Governance are assessed at the same time, but they can be done separately provided that the IASME Governance is completed within 6 months of the Cyber Essentials certification.

IASME Governance is particularly suitable for businesses that are working towards ISO 27001 and want a stepping stone, or for those who want to align with ISO 27001.

The IASME consortium have mapped the IASME governance standard to the ISO 27001 standard. This mapping can be found in the following link.

You can publish the Cyber Essentials and IASME Governance badges on your website and email footers.

IASME Governance not only gives firms their Cyber Essentials certification, but also additional assurances that their Data Protection and risk management processes are following best practice. IASME Governance demonstrates to customers and suppliers that you consider data protection a priority. 

Shopping Cart