IASME Governance Certification  

The IASME Governance certification indicates to clients that you are taking appropriate steps to properly protect their information and is a cyber security standard which is an affordable and achievable alternative to the international standard, ISO 27001.   

 

Fortis’ fixed-price solutions will help you to achieve the IASME Governance certification. The simple process is managed through Fortis’ online IASME Governance portal. 

IASME GOVERNANCE CERTIFICATION 

IASME Governance (can be completed concurrently alongside CE or CE+ or up to 6 months after CE).  

 

Complete your CE & IASME Governance self-assessment questionnaire via the secure Fortis online portal  

Your answers will then be marked by a Fortis, certified IASME governance assessor 

If a pass then receive your certificate and move directly onto the IASME Audit assessment 

If a fail, remediate any failed items and re-submit responses, Fortis offers a single review phase of remediated responses and move onto the IASME Audit assessment 

Fortis conduct the audit phase (on-site or remote) where verification or policy and practice is delivered.  

If a pass then receive your audited certificate 

The Fortis certified assessor will audit your company and this usually involves interviews with members of staff and a review of supporting documentation and system configuration. 

DO IT YOURSELF

Business who are familiar with the IASME Governance requirements and have a high degree of IT security knowledge 

Access to the IASME Governance Certification Questionnaire on the Fortis Portal  

 

On-site assessment including:  

 

  • audit of your policies and process 

 

  • interviews with members of staff and a review of documentation 

 

  • provide evidence to the assessor of your system configuration as per your policy 

 

1 Remote retest

SOME SUPPORT

Businesses who need some help understanding the scope & preparing the environment for IASME Governance compliance 

Access to the IASME Governance Certification Questionnaire on the Fortis Portal  

 

Remote Consultant-led advice 5 

 

On-site assessment including:  

 

  • audit of your policies and process 

 

  • interviews with members of staff and a review of documentation 

 

  • provide evidence to the assessor of your system configuration as per your policy 

 

1 Remote retest 

LOTS OF SUPPORT

Businesses who require a lot of support & lack experience in providing a IASME Governance compliant technical architecture 

Access to the IASME Governance Certification Questionnaire on the Fortis Portal  

 

Remote Consultant-led advice 6 

 

On-site assessment including:  

 

  • audit of your policies and process 

 

  • interviews with members of staff and a review of documentation 

 

  • provide evidence to the assessor of your system configuration as per your policy 

 

1 Remote retest  

SUITABLE FOR

INCLUDES

AUDITED IASME GOVERNANCE CERTIFICATION

The Information Assurance for Small to Medium-sized Enterprises (IASME) Governance standard was developed over several years during a government funded project to create a cyber security standard which would be an affordable and achievable alternative to the international standard, ISO 27001.  

 

The IASME Governance standard allows small companies to demonstrate their level of cyber security for a realistic cost and indicates that they are taking positive steps to properly protect their customers’ information.  

The IASME Governance assessment includes a Cyber Essentials assessment and GDPR requirements and is available either as a self-assessment or on-site audit. 

 

By gaining the Audited IASME Governance certificate your organisation is achieving IASME’s highest level of certification and providing assurance to customers and suppliers that your organisation’s security has been audited by a skilled, independent third-party. 

Figure 1 Chart to illustrate the certification process 

Fortis will discuss with you the scope of the assessment and arrange a mutually convenient time to visit your organisation’s head office to carry out an audit of your policies and process. 

This audit usually involves interviews with members of staff and a review of documentation and system configuration. 

It does not involve a technical assessment unless you are being assessed to Cyber Essentials PLUS at the same time, although it may be helpful to have technical staff available to provide evidence to the assessor of your system configuration. 

The assessor may also wish to visit branch offices or other locations in order to satisfy themselves that your good security practice is reflected across the organisation. 

AUDITED IASME GOVERNANCE CERTIFICATION SERVICE OPTIONS 
YOUR SIMPLE ROUTE TO CYBER ESSENTIALS CERTIFICATION

PRIVACY POLICY

TERMS & CONDITIONS

COOKIE POLICY

Copyright 2020

The Certified Hub

Zone 5

Clonminam Business Park

Portlaoise

Co. Laois

Ireland

Registered Office Address

20-22 Wenlock Road, 

London.

N1 7GU

Fortiscyber Security

SHIELD-button-03.png