What is IASME Cyber Assurance?

The IASME Cyber Assurance standard is a comprehensive, flexible, and affordable way to achieve cyber resilience. It demonstrates that an organisation has put into place a range of important controls related to cybersecurity and data protection.

Gaining certification provides a structured way for your organisation to achieve cyber resilience for a realistic cost. It indicates that you are taking good steps to protect your information and business systems. IASME Cyber Assurance certification is recognised by a wide range of industry sectors as a demonstration that an organisation has implemented appropriate controls to mitigate cyber risk within the supply chain.

The IASME Cyber Assurance certification is available in two levels: Level One – Verified Assessment and Level Two – Audited (Coming Soon).

You must pass your Level One assessment before you apply for Level Two.

Tailored to your organisation’s size

The IASME Cyber Assurance standard has been written to address the security needs of organisations of all sizes, from the sole practitioner to large enterprises.

Sole trader / two-person partnership

1 to 2 people – Tailored requirements for minimal compliance burden.

Micro businesses

3 to 9 people – Focused on essential controls relevant to small teams.

Small businesses

10 to 49 people – Balanced depth for growing organisations.

Medium / large businesses

50+ people – Comprehensive coverage for enterprise-scale operations.

Key Benefits

Build resilience and trust with IASME Cyber Assurance certification

Build cyber resilience

Use the IASME Cyber Assurance standard as a roadmap to become cyber resilient.

Provide supply chain assurance

A cost effective way to ensure comprehensive cybersecurity assurance throughout your supply chain.

Establish trust

Reassure your customers and stakeholders that their information is being properly protected.

Demonstrate legal & regulatory compliance

Certification indicates that your organisation aligns with global data protection and privacy regulations.

The process of certifying

To purchase IASME Cyber Assurance, you must have a valid Cyber Essentials certificate with at least one month left in date. If this is not the case it will be added to your basket at checkout. The scope of your Cyber Essentials and IASME Cyber Assurance certification must cover the whole of your organisation.

IASME Cyber Assurance is available in two levels

Level One – Verified Assessment

Level One consists of a verified assessment reviewed by an independent Assessor. After registering for certification, you are given access to the secure assessment platform where you will answer the verified self-assessment questions. A senior member of the board or equivalent from your organisation must e-sign a document to verify that all the answers are true and then a qualified external Assessor will mark your answers.

Level Two – Audited (Coming Soon)

Level Two involves an audit of your processes, procedures and controls required by the IASME Cyber Assurance standard. The audit is independent and conducted by an IASME assured Assessor. The Assessor will look at documentation, interview key staff and observe activities. This can be done in person or sometimes remotely (such as via a video call). You will need to have completed the IASME Cyber Assurance Level One certification before you can proceed to the Level Two audit.

Pricing & Options

Transparent pricing based on organization size and complexity

While costs depend on the size of organisation, complexity and level of support, here are ballpark figures:

Micro Business

£320
+ VAT
  • 0-9 employees
  • Self-assessment level
  • Basic support included
  • Certificate & badge
  • 12-month validity
Get Started

Small to Medium

£440-£500+
+ VAT
  • 10-249 employees
  • Enhanced support
  • Complexity assessment
  • Gap analysis included
  • Remediation guidance
Get Started

Large Enterprise

£600+
+ VAT
  • 250+ employees
  • Comprehensive support
  • Dedicated consultant
  • Full remediation planning
  • Ongoing compliance support
Get Started

What CyberVeritas Offers

Comprehensive support throughout your IASME Cyber Assurance certification journey

At Cyber Veritas, we provide expert guidance to help organisations of all sizes achieve IASME Cyber Assurance certification. Our services include initial scoping, tailored assessments, remediation support, and ongoing compliance assistance.

  • Prerequisite Check: Verify your Cyber Essentials certificate and scope alignment
  • Customised Assessment: Tailored to your organisation size for reduced burden
  • Verification Support: Assistance with self-assessment, e-signing, and independent review
  • Audit Preparation: For Level Two, help with documentation, interviews, and observations
  • Ongoing Compliance: Annual renewal support and updates to standards
  • Expert Consultancy: From UK-based cybersecurity professionals

Frequently Asked Questions

Common questions about IASME Cyber Assurance certification

What is the prerequisite for IASME Cyber Assurance?
You must have a valid Cyber Essentials certificate with at least one month remaining. The scope must cover your entire organisation.
How is the standard tailored to organisation size?
The full standard is broad, but assessments are customised based on employee count (e.g., 1-2 people vs. 50+), focusing on relevant themes and requirements to minimise compliance burden.
What is the difference between Level One and Level Two?
Level One is a verified self-assessment reviewed by an independent assessor. Level Two is a full audit involving documentation review, staff interviews, and activity observation (in-person or remote).
How long does certification take?
Level One can typically be completed in weeks, depending on preparation. Level Two requires prior Level One completion and may take longer due to audit scheduling.
Is IASME Cyber Assurance recognised internationally?
While primarily UK-focused, organisations outside the UK can apply by contacting IASME for prerequisite discussions. It's aligned with global data protection standards.
How often must I renew?
Certification is valid for 12 months. Renewal involves reassessment to ensure ongoing compliance with evolving standards.

Getting Started with CyberVeritas

Your path to IASME Cyber Assurance certification

  1. Verify Prerequisites: Ensure valid Cyber Essentials and contact us for international queries
  2. Choose Your Level: Start with Level One Verified Assessment, progress to Level Two if needed
  3. Complete Self-Assessment: Access the secure platform, answer questions, and e-sign verification
  4. Independent Review: Qualified assessor marks your submission for Level One
  5. Audit & Certify (Level Two): Schedule audit, provide documentation, and receive certification
  6. Maintain & Renew: Annual support for compliance and updates

Ready to Get IASME Cyber Assurance Certified?

Contact our expert team today to start your certification journey and protect your business with government-backed cybersecurity standards. We're here to guide you every step of the way.

Start Your Certification Journey