0117 457 3331 | contact@cybertecsecurity.com

IASME Governance Audited

Looking for an affordable alternative to ISO 27001?

Introducing IASME's highest level of certification.

Have you got the time, resources and funds to achieve ISO 27001 every year?

This is what the National Cyber Security Centre (NCSC) and IASME asked businesses around the UK.

What response did they receive from these businesses?

A resounding and collective no.

So, what did the NCSC and IASME decide to do?

Together, they developed ‘IASME Governance Audited‘ to give UK businesses the opportunity to secure themselves against a standard which confidently maps against the ISO 27001 standard.

Why Achieve IASME Governance Audited?

Boost Stakeholder Confidence

By achieving IASME's highest level of certification, your customers, investors and suppliers can sleep well knowing their data is in good hands.

Win Tenders

The organisations who have gone above and beyond to protect data are often favoured to win Government tenders and contracts.

Align with ISO 27001

The IASME Governance Audited offers an almost identical level of security to the ISO 27001 certification for a fraction of the price.

Two Certifications. One Process.

When you decide to align to the IASME Governance standard, you will also be receiving a Cyber Essentials Plus certification in the process.

This means you’ll be covering the 5 technical controls within the Cyber Essentials Scheme as well as successfully managing your risk.

IASME Governance also includes a GDPR Compliance assessment which means you can align to the GDPR at no extra cost.

Why Choose Cyber Tec Security?

Remote & On-Site Assessment

We have the capability to help your organisation achieve IASME Governance Audited through our on-site and remote assessment.

Dedicated Account Manager

If you require a helping hand, your dedicated account manager will be ready to guide you through the process.

Guaranteed Certification

Instead of forcing you to repay after failing, we'll ensure you pass IASME Governance Audited at the first attempt.

Our Process



You’ll first need to achieve the IASME Governance Self-assessed to be able to achieve IASME Governance Audited.


Audited Assessment

We’ll discuss the scope of the assessment and carry out an audit of your policies and process.



Once you’ve passed, we’ll quickly send over all collateral including your certificates and logos.

Ready to achieve IASME Governance Audited?

IASME Governance Audited Features

Unlock Access To:

  • Risk Assessment and Management
  • Monitoring
  • Change Management
  • Training and Managing People
  • Back Up
  • Incident Response and Business Continuity
  • Cyber Essentials Plus
  • GDPR Compliance
  • Guaranteed Certification
  • Optional Remote Assessment
  • Independent Assessment by Cyber Tec Security

Frequently Asked Questions

Here are some common questions that come up before achieving IASME Governance Audited.

The Cyber Essentials Scheme is a Government scheme that helps organisations to guard against the most common cyber threats from the internet and demonstrate commitment to cyber security. It covers five main technical controls which will protect companies against an estimated 80% of common internet threats. The controls are:

  • Secure your Internet connection (Firewalls and routers)
  • Secure your devices and software (Secure configuration)
  • Control access to your data and services (Access control)
  • Protect from viruses and other malware (Malware protection)
  • Keep your devices and software up to date (Software updates)

IASME Governance certification is aligned to the Government’s Ten Steps to Cyber Security and includes Cyber Essentials certification as well as controls around people and processes. It also covers the General Data Protection Regulation (GDPR) requirements. IASME Governance is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.

No – Cyber Essentials Plus is an audited level of the Cyber Essentials assessment, testing the 5 Cyber Essentials controls only. IASME Governance Audited (sometimes known as IASME Gold) is an independent on-site audit of the level of information security provided by your organisation, against the IASME Governance standard. It is aligned to a similar set of controls to ISO 27001 but is more affordable and achievable for small and medium sized organisations to implement.  The standard includes GDPR requirements and adds additional topics that mostly relate to people and processes, for example:

  • Risk assessment and management
  • Training and managing people
  • Change management
  • Monitoring
  • Backup
  • Incident response and business continuity

We would normally require the Cyber Essentials and IASME Governance to be assessed at the same time, but they can be done separately provided that the IASME Governance is completed within 6 months of the Cyber Essentials certification.

Still have unanswered questions?