MALVERN, UK: Malvern-based cyber security company IASME Consortium Ltd, has signed an agreement to license the IASME assessment process to information risk management specialists Ascentor Ltd. Ascentor become the first external assessors trained and licensed to assess against this essential new standard.
IASME has recently been recognised as the best cyber security standard for small companies by the UK Government in consultation with trade associations and industry groups. IASME is consequently helping to draft the government’s new basic cyber hygiene profile that will focus on some key technical controls.
The new risk-based standard for SMEs
IASME is the information and cyber security standard for SMEs. Based on international best practice it provides the only credible security management standard for small organisations including businesses, charities and smaller government departments.
Funded by the Government’s Technology Strategy Board, the IASME standard was developed to create a cost effective and more appropriate alternative to the international standard, ISO/IEC 27001, for small companies. The standard combines research in small company security with best practice such as ISO/IEC 27001, NIST 800-50, and the SANS/CPNI Critical Controls.
IASME is designed to fit with a small company budget and was developed and trialed over several years in collaboration with numerous firms across different markets. The standard is risk-based and supported by accredited assessors from Ascentor who will visit a company and produce a risk assessment, gap analysis and implementation plan before returning at a later date to complete the formal assessment, which will lead to certification.
IASME and the Government supply chain
Small companies in the Government supply chain pose a known threat to information security. With a growing awareness of the cyber threat, supply chain companies are increasingly asking their small suppliers to show that they have at least a basic level of cyber security within their company. Getting assessed and accredited to the new IASME standard is the easiest, most cost effective way for smaller companies to do this.
“IASME allows SMEs in a supply chain to demonstrate their level of information and cyber security maturity” said David Booth, Managing Director of IASME “This can help demonstrate that they are able to properly protect their own information and that of their customers and partners. Ascentor’s experience of working with companies of all sizes to advise on cyber security, together with their proactive and professional approach, make them an ideal company to deliver IASME assessments”