Exciting news: British Assessment Bureau will rebrand as Amtivo in Autumn 2026! Find out more here >>

IASME Cyber Assurance

What Is IASME Cyber Assurance?

The IASME Cyber Assurance, once known as IASME Governance, is a comprehensive standard curated by the Information Assurance for Small and Medium Enterprises (IASME) and the National Cyber Security Centre. It’s designed to provide a cost-effective and suitable alternative to the international standard ISO/IEC 27001 for small to medium-sized enterprises.

IASME Cyber Assurance adopts a risk-based approach for security governance and compliance, offering a highly credible and more fitting security management standard for SMEs. It harmonises comprehensive company security research with best practice information security standards, covering 13 themes across five control areas.

Taking it a notch higher than the Cyber Essentials Scheme (CES), IASME Cyber Assurance incorporates the provisions of the Data Protection Act 2018.

Cyber Essentials is a prerequisite to attaining IASME Cyber Assurance.

Cyber Security Month - UK

What are the Benefits?

IASME Cyber Assurance offers robust advantages for businesses, particularly those within the government supply chain, helping them stand out from competitors through their demonstrated commitment to cyber security.

IASME Cyber Assurance bolsters trust with stakeholders by demonstrating your commitment to robust cyber security practices. It provides a competitive edge, especially for suppliers within government supply chains. Beyond enhancing security protocols, it offers a cost-effective solution to improving cyber security among small and medium enterprises. Its adherence also aids in compliance with data protection laws, instilling confidence in clients and partners about their data safety.

For organisations operating outside the government supply chain, it’s a cost-effective way to ensure data security, acting as a practical alternative to international standards like ISO/IEC 27001.

IASME Cyber Assurance not only boosts current business relationships but also supports commercial growth and provides access to new business opportunities.

Cyber Assurance Certification Levels

The Cyber Assurance standard offers two tiers of certification

Level 1: Verified Assessment

This level grants access to a secure portal where you can complete your application and submit your responses for evaluation by an assessor.

How We Support IASME Certification

Amtivo was the first licensed external assessor for the Cyber Assurance standard, and our dedicated team is at your service throughout your certification journey, providing answers to any questions or queries you might have.

Our assessors are armed with vast knowledge and extensive experience in information security, and they are kept abreast of all updates to the scheme to provide you with the best advice for attaining certification.

We provide two types of packages for your Cyber Assurance certifications:

Supported Package: This option includes specialist advice and guidance on Cyber Assurance requirements and implementing necessary controls for standard compliance. If you’re new to the certification process or less confident about the assessment, this package is ideal as support is available throughout your assessment.

Unsupported Package: This option is best suited for organisations renewing a previous certification or those already well-versed with the Cyber Assurance requirements. Amtivo will provide a login for the Cyber Assurance questionnaire, which you can submit for marking after completion.

If you are compliant and meet all the Cyber Assurance standard requirements, Amtivo will issue your certificate.