IASME Cyber Assurance

2025-08-05T10:50:59+00:00

Your complete, accessible, and cost-effective path to cyber resilience

IASME Cyber Assurance is a comprehensive and affordable way for your organisation to achieve cyber resilience.

The standard provides a roadmap for cyber resilience, ensuring you have the appropriate controls in place when it comes to keeping your business and information systems secure. It is the next step up from Cyber Essentials – a UK government-based certification overseen by the National Cyber Security Centre (NCSC) – and a further step towards achieving ISO 27001.

The IASME Cyber Assurance standard is ideal for businesses of all sizes because it is tailored to the size and risk profile of your business, from sole traders to larger businesses employing 250+ staff, so you follow a framework that addresses your organisation’s cyber security and data protection needs.

The benefits of IASME Cyber Assurance

In addition to strengthening your organisation’s resilience and ability to protect its systems and data from the cyber threat, the IASME Cyber Assurance standard demonstrates your commitment to security to your customers, suppliers and other stakeholders.

IASME is a risk-based assurance that looks at elements within your business, including physical security, staff awareness and data backup.

By engaging with us, you can rely on RightCue’s established methods to efficiently achieve the cyber assurance credentials. We provide you with all mandatory documentation and processes required by an IASME certification body.

  • Prove your cyber security, privacy and data protection measures are effective.
  • Offer assurance to your stakeholders that your security has been assessed or audited independently by an accredited third party.
  • Show a clear picture of your organisation’s current cyber security level and ensure processes are documented.
  • Give your organisation a competitive advantage and retain more business.
  • Cost-effectively demonstrate that your organisation is taking action to control risks – a key step towards GDPR compliance that is recognised by the Information Commissioner’s Office (ICO).

What are the benefits of IASME Cyber Assurance?

IASME Cyber Assurance demonstrates the integrity of your information security practices. A risk-based assurance, IASME looks at aspects such as physical security, staff awareness and data backup.

You can use IASME Cyber Assurance (also referred to as IASME Governance) as a stepping stone to achieving ISO 27001 at a later stage.

Our expertise includes:

  • Supply Chain Risk Management

  • Security Audits and Internal Audits

  • Knowledge of Industry Best Practices

  • Penetration Testing

  • Vulnerability & Cyber Threat Assessments

  • Global Data Privacy Regulations

  • Knowledge of Market Leading Security Tools

  • Knowledge of Major Cloud Platforms

  • Cyber Essentials & Cyber Essentials Plus

What makes us stand out?

  • Extensive and thorough understanding of business, technology, and regulations.

  • Consistent praise from our clients for exceptional customer service and high-quality deliverables.

  • Availability of a diverse pool of skilled professionals to cater to various industry sectors.

  • A flexible approach that allows us to adjust our services to meet your specific needs, whether scaling up or down.

“What I really like about the RightCue team is their ability to distil complex and quite dry topics into accessible, easy to follow information. And that skill has enabled us to make sure all of our team are onboard and working the right way with data. RightCue helped us to achieve our cyber security accreditations including Cyber Essentials and IASME. But it’s more than that – the protection and management of data is now very much at the centre of our business.”

Dan Curtis-Allen

European I.T. Director & GDPR Specialist, Frost & Sullivan

Our phased approach to implementation of IASME Cyber Assurance

If you choose to implement IASME Cyber Assurance within your organisation, RightCue will work with you to define policies, establish industry best practices and embed risk management at the core of your security governance and management processes.

The standard covers 14 themes across 4 major areas of control.

RightCue are experts in information assurance governance standards – and are here to help you get certified.

IASME Cyber Assurance Level One – Verified Assessment

This standard consists of answering a series of verified self-assessment questions, which are signed off by a senior member of staff and then evaluated by a qualified external assessor.

Phase 1: Information gathering and risk assessment

  • Identify and classify data

  • Risk assessment

  • Continuity and disaster recovery planning

We conduct workshops with heads of your functional areas to document information and personal data flows and convert these into asset registers, ensuring information security responsibilities are clearly defined. We also assist you with initial risk assessment, IT business continuity and disaster recovery plans.

Phase 2: Information Security Management System

  • Develop security framework

  • Implement robust controls

  • Prepare for self-certification

We assist you with defining your information security and privacy management system by providing you with policies, procedures and other core documentation adapted specifically for your business and organisational culture. We assist you with implementing technical controls – at a minimum these include the controls required by the UK government’s Cyber Essentials Scheme as well as best practices to protect your key information and systems. We also work with you on change management to ensure a seamless transition to these new processes with as little disruption to your business and existing ways of working as possible.

At the end of phase 2, you will be ready to achieve self-certification to Cyber Essentials and IASME Cyber Assurance level 1.

IASME Cyber Assurance Level Two – Audited

If you would like to move to the next step, we can provide an audit of your information governance to ensure the highest possible standards are achieved.

A third-party audit demonstrates to your customers and other stakeholders that your organisation’s security has been independently evaluated and verified by skilled experts, offering a similar level of assurance to ISO 27001.

Tailored cyber assurance and governance solutions

Get in touch to find out more about our range of cyber assurance and governance services, tailored to your specific business needs.
