top of page


IASME Cyber Assurance is a comprehensive, flexible and affordable cyber security standard that provides assurance that an organisation has put in place a range of important cyber security, privacy and data protection measures.

It aligns directly with the UK Government’s 10 steps to Cyber Security with additional Data Privacy controls and offers smaller companies within a supply chain a ‘right sized’ approach to show their level of information security for a realistic cost.


Important cyber security measures are included such as assessing and managing risk, training people and setting practical policies and procedures. Key resilience strategies are covered and include backing up data, business continuity planning and incident response. Legal and regulatory requirements are also addressed such as your country’s implementation of GDPR (in the UK this is the Data Protection Act).

How does IASME cyber assurance work?

IASME cyber assurance

IASME Cyber Assurance is available in two levels - verified assessment and audited

For Level 1 – verified assessment, organisations access a secure portal to answer around 160 questions about their security. The assessment is marked by a Certification Body and a pass or fail is returned to the organisation.


For Level 2 – audited, an independent assessor conducts an on-site audit of the controls, processes and procedures covered in the IASME Cyber Assurance standard. The audited version gives a higher level of assurance and is pass or fail. (There are no longer bronze, silver and gold classifications.

The new version of the IASME Cyber Assurance standard has been updated to build upon the solid foundations of the original IASME Governance standard.

Micro Organisations 0-9 Employees £320 +VAT

Small Organisations 10-49 Employees £440 +VAT

Medium Organisations 50-249 Employees £500 +VAT

Large Organisations 250+ Employees £600 +VAT


Why the name change?

The new name reflects a move towards clarifying what the certification means to an organisation and to those in a supply chain.

Please contact us for further details. 

Why has it been updated?

IASME wanted to update the standard to ensure it remains relevant to recent changes to technology

These changes include the move that many businesses have made from on-premise infrastructure to the cloud.

There have also been huge changes to business practices such as working from home and the increased use of mobile and personally owned devices.


Over the years, we have received helpful feedback from businesses and Assessors about the standard – we have incorporated all this into the new version. As a living and evolving piece of work, there will continue to be future updates to the standard.

bottom of page