IASME was founded on the principle that basic cyber security is an essential requirement for all organisations and their supply chains.
We believe this requirement should not be a barrier to the smallest of organisation and the innovation they bring.
IASME believes in inclusivity and representation across every level of the company. Our diverse work team allows us to innovate and deliver in a comprehensive and relevant way. The company is headed by a female CEO and 50% of the organisation are women, with women represented in every team. Over 20% of IASME employees identify as neurodivergent and more than 35% of the IASME team have a disability. IASME work closely with the UK Cyber Security Forum to train unemployed neurodivergent adults and support them into work.
Our history is a story of innovation and rapid growth. It all started with the IASME Governance standard which was motivated by the need for something accessible to help small organisations understand a framework to increase their chance of staying safe online. The IASME Consortium was created in 2012 to take the results of that project forward.
Today, IASME offers six different certifications and delivers to organisations of all sizes and in all sectors.
In October 2021, IASME was acquired by the Phenna Group. Headquartered in Nottingham, Phenna Group’s aim is to invest and partner with selected niche, independent testing, inspection, certification and compliance (TICC) companies that serve a variety of sectors, ensuring customers’ peace of mind by delivering first class assurance services. This large and dynamic group provides the resilience, support and global outlook for IASME to continue to grow.
IASME deliver various certification schemes that aim to improve the cyber security of the organisations and devices that certify to them.
Cyber Essentials is an effective UK Government scheme which focuses on the five technical controls designed to guard against the most common internet based cyber security threats. Cyber Essentials is now widely recognised as the minimum baseline level of cyber security for organisations of all sizes.
From April 1st 2020, IASME became the National Cyber Security Centre’s sole Cyber Essentials Partner, responsible for the delivery of the scheme.
IASME CYBER ASSURANCE
IASME Cyber Assurance (previously known as IASME Governance) is our own comprehensive, flexible and affordable cyber security standard. Developed over several years during a government funded project, the IASME Cyber Assurance scheme was created to offer SMEs an affordable and achievable alternative to the international standard, ISO 27001.
The certification is available in two levels, Level 1 – verified assessed and Level 2 – audited.
IASME IOT Cyber Scheme
The IASME IoT Cyber scheme certifies internet connected devices against the most important security controls and is available in two levels which can be assessed to different degrees of assurance. Certification demonstrates commitment to best practice security as set out in ETSI EN 303 645, the leading global technical standard in IoT security.
The IoT Cyber Baseline scheme is aligned with imminent UK legislation and covers the top three requirements of the ETSI EN 303 645 standard. The IoT Cyber Assurance scheme is aligned with all of the provisions in the ETSI EN 303 645 standard.
The scheme is available as Level 1 – verified self-assessment and for greater assurance, as Level 2- audited, providing 3rd party testing and independent certification.
IASME Maritime Cyber Scheme
The Maritime Cyber Baseline scheme is designed to certify the cyber security of all commercial vessels and is accessible to operators and vessels of all sizes from across the world. The scheme will allow the operators and owners of vessels to start their journey towards compliance with the International Maritime Organisation (IMO) Guidelines on Maritime Cyber Risk Management.
Civil Aviation Authority Assure Scheme
Aviation organisations such as UK airports, air carriers and air navigation service providers in scope of the CAA’s Cyber Security Oversight Process are required to complete an ASSURE Cyber Audit. The ASSURE Scheme provides the aviation industry with a framework to manage their cyber security risks without compromising aviation safety, security or resilience whilst ensuring compliance with applicable regulations.