What is IASME Cyber Assurance Level 1?
IASME Cyber Assurance is a unique and well-established certification scheme that is beginning to play a key role in securing supply chains in the UK and overseas.
IASME Cyber Assurance is a comprehensive, flexible and affordable cybersecurity standard that ensures that an organization has a number of important cybersecurity, privacy and data protection measures in place.
It aligns directly with the UK Government’s 10 Steps to Cybersecurity, adds data privacy controls, and gives small businesses within a supply chain a ‘correct’ approach to showing how secure their data is at a realistic cost.
Applicability
- Small and medium-sized enterprises (SMEs) that have basic cybersecurity needs.
- Organizations that do not have any regulatory or compliance requirements but still want to demonstrate their commitment to cybersecurity best practices.
- Organizations that have limited cybersecurity requirements, budgets, and resources for implementing cybersecurity measures.
- Organizations that are new to cybersecurity and want to establish a basic level of cybersecurity hygiene.
Objective of IASME Cyber Assurance Level 1
- Provide basic-level cybersecurity assurance.
- Demonstrate compliance with the Cyber Essentials standard.
- Help SMEs that have limited budgets and resources for implementing advanced cybersecurity measures establish basic cybersecurity hygiene.
- Provide assurance to stakeholders and demonstrate a commitment to cybersecurity best practices.
Methodology
Phase 1: Initial Requirement Gathering
Initial consultation with the client to understand their business objectives, current IT infrastructure, existing security controls, and any regulatory or compliance requirements.
Phase 2: Gap Analysis
Perform a gap analysis to identify areas where the client’s current cybersecurity measures do not meet the requirements for IASME Cyber Assurance Level 1. This will involve reviewing the client’s current policies, procedures, and technical controls against the five technical controls required for Cyber Essentials certification.
Phase 3: Risk Assessment
Conduct a risk assessment to identify and prioritize potential cybersecurity threats and vulnerabilities. Based on the risk assessment, the consultant will develop a risk management plan that outlines the steps needed to mitigate or eliminate the identified risks.
Phase 4: Implementation Plan
Based on the gap analysis and risk assessment, an implementation plan will be developed that outlines the specific steps needed to achieve IASME Cyber Assurance Level 1 certification.
Phase 5: Implementation Support
Support and guidance will be provided during the implementation phase, which includes training staff, assisting with policy development and technical control implementation, and providing guidance on the Cyber Essentials certification process.
Phase 6: Certification
Once the client has implemented the necessary cybersecurity measures, we will assist with the certification process. This will involve conducting an internal audit to ensure that all requirements have been met, and providing guidance on the submission of the certification application.
Phase 7: Ongoing Support
Provide ongoing support to ensure that the client’s cybersecurity measures remain effective and up to date. This may include periodic assessments and audits to identify any new threats or vulnerabilities and make recommendations for improvement.
Why CyberSRC®?
- We are a team of qualified professionals with rich experience across multiple industries such as Manufacturing, BFSI, Insurance, Healthcare, NBFCs & others. Our consultants are industry experts with proven track records and hold renowned certifications such as CISA, CISSP, COBIT, CEH, CCNA, OSCP, ISO 9001 LA/LI, ISO 27001, ITIL LA/LI, PMP, to name a few.
- We believe in adding value to your business, which is enabled through our Centre of Excellence (CoE), and we have end-to-end capability for Program Build – Operations – Transformation. We can jump-start and execute projects globally in Managed Services mode and with flexible delivery models.
- Our vision is to be one of the world’s most trusted advisory & solution providers for Cyber Security, Data Protection and Assurance practices.