What is the difference between IASME Cyber Essentials and IASME Cyber Assurance?
Comparing The Two Certifications
The IASME Cyber Essentials Scheme and IASME Cyber Assurance Scheme help organisations protect themselves against a range of digital threats.
Both schemes are managed by the IASME Consortium which works with a network of almost 300 Cyber Security organisations across the UK and Crown Dependencies. IASME provides advice and certification for organisations of all sizes in both Cyber Security and counter fraud, helping businesses improve their Cyber Security, risk management and provide good governance.
Understanding the schemes, what they require and how they differ is essential for organisations looking to make informed decisions about their Cyber Security strategy.
Equilibrium Security are one of the few Cyber Essentials Certification bodies within the Midlands. We have been working alongside IASME conducting Cyber Essentials and Cyber Essentials Plus assessments since 2016.
How to Achieve A Cyber Essentials Certification?
To achieve Cyber Essentials certification companies begin by completing the IASME Cyber Essentials questionnaire. This is a self-evaluation of an organisation’s Cyber Security practices with the aim of ensuring basic Cyber Security protocols are in place. The scheme has two levels, with Cyber Essentials Plus requiring an independent evaluation of security controls.
IASME Cyber Essentials Certification
The IASME Cyber Essentials Certification is a government-backed scheme that helps different-sized organisations protect themselves from some of the most common cyber-threats. When a company achieves IASME Cyber Essentials it signals to customers and other companies that you take Cyber Security seriously and can be trusted with valuable information.
It covers five main technical controls:
- Secure configuration
- Boundary firewalls and internet gateways
- Access control
- Malware protection
- Patch management
IASME Cyber Assurance Certification
The IASME Cyber Assurance scheme was developed to create an affordable, achievable Cyber Security standard that would allow small and medium enterprise in a supply chain to demonstrate their commitment to Cyber Security to international standards.
Companies that become IASME Cyber Assured will have met a range of requirements, indicating that they are taking further steps to protect customer information and meeting the data protection requirements of GDPR.
Like Cyber Essentials, IASME Cyber Assurance has two levels, Level One Verified Assessment and Level Two Audited. You must hold a valid Cyber Essentials Certificate throughout your IASME Cyber Assurance certification. IASME Cyber Essentials level 2 is aligned to a similar set of controls as ISO 27001, but it’s a more affordable and realistic alternative for smaller organisations.
What Are The Differences Between The Two Schemes?
IASME Cyber Assurance complements and builds on Cyber Essentials. Whereas the main focus of Cyber Essentials is technical controls, the IASME Cyber Assurance also includes a focus on key governance aspects.
These include:
- Risk assessment and management
- Training and managing people
- Change management
- Monitoring
- Backup
- Incident response and business continuity
What Kind Of Company Is Suited To IASME Cyber Assurance?
The higher Cyber Security standards required to achieve IASME Cyber Assurance make it suitable for organisations with more complex security needs. It enables smaller companies to achieve the more exacting standards expected within certain sectors such as government and military. It provides robust protection for potentially vulnerable supply chains.
Achieving IASME Cyber Assurance will incur higher costs than Cyber Essentials but may be essential for companies working in sensitive sectors.
Achieving Cyber Security Certification with Equilibrium Security
As an IASME assessor, Equilibrium Security can help you meet the requirements for IASME Cyber Essentials and IASME Cyber Assurance.
As your partners in Cyber Security, we can help you decide which is the most appropriate certification for your organisation. We ensure you always stay ahead of any developing threats, whatever the size of your organisation and available resources.
To find out more about IASME Cyber Essentials and our comprehensive range of services contact us today.
Customer Feedback
