IASME Governance


Governance standard for SMEs

Although ISO27001 is the globally recognised benchmark for Information Governance, smaller organisations find it challenging to get certified due to cost and effort involved. Organisations also choose IASME standard as a stepping stone to achieving the ISO27001 at a later stage.

IASME (Information Assurance for Small and Medium Enterprises) Governance enables you to demonstrate your organisation’s overall maturity level for good security practices and that you are taking proper steps to protect customer information. It includes both a Cyber Essentials Assessment and assessment of your General Data Protection Regulations (GDPR) compliance.

A risk-based assurance, IASME looks at aspects such as physical security, staff awareness and data backup. If you are looking for assistance with achieving IASM Governance, then our expert team can help, whether you choose self-assessment or an on-site independent audit.

IASME Self Assessed

IASME Governance Self-assessed

You can choose to use the self-assessed certification option, completing an online questionnaire about the controls you have in place governing information assurance.

If you would like guidance in completing the process, we offer access to a simple and secure online portal and can provide support and advice when you need it.

If you meet the requirement, you will be awarded the IASME Governance standard certification, which includes the Cyber Essentials Assessment and GDPR Readiness


IASME Governance Audited

Also known as IASME Gold, this accreditation offers a similar level of assurance to ISO 27001, but is easier and more cost-effective for SMEs to implement. It is the IASME’s highest level of certification, demonstrating that your organisation’s security has been audited by an expert, skilled, independent third-party.

To help you achieve IASME Gold, our experienced team will conduct a rigorous on-site audit. It includes a Cyber Essentials Assessment, GDPR readiness assessment and will also investigate people and processes, e.g. risk assessment and management, training, monitoring, incident response and business continuity.

If you pass the assessment, you will be awarded a certificate and be permitted to display the Audited IASME Governance logo.

“I find the team at Right Cue to be very professional, with a strong, broad and deep technical and governance knowledge of cyber-security. I know I can rely on them to turn assessments around quickly and give our clients good advice when they need to make changes. They are one of our longest standing assessors.”
grey line


Get in touch with us

For IASME Governance accreditation, please contact us on

+44 (0)1256 406 601

LinkedIn   Twitter   Facebook

Please accept preferences, statistics, marketing cookies to watch this video.