IASME Governance Standard

An information security standard designed for smaller companies

What IASME means

Xcina IS is an approved certification body for The IASME Consortium - Information Assurance for Small and Medium Enterprises - an information security standard designed for smaller companies.

The IASME Governance standard is risk-based, and focuses on physical security,  staff awareness, and data backup.  It is written along similar lines to ISO 27001, but is a more practical option for SMEs.  This standard incorporates Cyber Essentials and an optional GDPR assessment.

When an organisation with a turnover under £2 million achieves self-assessed certification covering their whole organisation, they are automatically awarded Cyber Liability Insurance to a limit of indemnity of £25,000 (terms apply).

The IASME assessment requires you to demonstrate:

Effective Security Governance

Implementation of GDPR principles

A good overall level of cyber security

IASME Standard Services

The first step towards achieving full IASME compliance is an IASME Verified Self-Assessment, which involves completion of a questionnaire relating to Cyber Essentials, GDPR and Governance.  Your responses are scrutinised and verified by Xcina IS, who will then issue your certificate if you are deemed to be compliant.

This can be followed by Audited IASME Governance (also known as IASME Gold), where the information provided in your self-assessment is reviewed and discussed with our cyber engineers, who will then submit a report to IASME for moderation and approval.  Once the report is approved, your IASME Gold certificate and badges will be sent to you for use in your marketing materials.

If you are interested in gaining IASME certification or have any queries relating to the standard, please contact us today.