Basket £ 0.00 (0 items)
You are here: HomeServicesIT Department Accreditation › IASME


An information assurance standard for the small business

The IASME (Information Assurance for Small and Medium Enterprises) standard is a maturity-based information assurance standard for small businesses. It was created from a Technology Strategy Board-funded project to create an achievable cyber security standard for small companies. The international standard – ISO27001 – is comprehensive but extremely challenging for a small company to achieve and maintain. The IASME standard is written along the same lines as the ISO27001 but specifically for small companies. The gold standard of IASME demonstrates baseline compliance with the international standard.

Increasingly, customers and suppliers are starting to be concerned about how well SMEs protect their data. This is due to a growing number of high-profile data losses and cyber attacks, increasing fines for data loss from the Information Commissioner’s Office and cyber security legislation about to be introduced by the EU.

There are some simple steps any small company can take to make themselves more secure. Many of these can be taken with minimal cost or business interruption and will probably make your company a safer organisation to do business with than your competitors.

Available either as a self assessment or assessment by an independent auditor in combination with practical consultancy, IASME is a realistic and affordable way for SMEs to prove that they are following best practice.

More information:

IASME ConsortiumIASME Consortium

University of Worcester


IASME assessors workshop - 22 Nov 2011

Information Assurance for SMEs 22nd November 2011, University of Worcester This workshop will examine the IASME programme in detail and pass on the knowledge for you to go into an SME and assess the security of its business information. This will be an intense day where we will look at both ... read more..

Information - lifeblood of the organisation - 21 Sep 2011

managing information risk Information is an organisations most valuable asset. However, it is often neglected in favour of protecting material assets, maintaining cashflow and the like when considering the organisations long-term future. This is usually because assigning a value to information is much more difficult than valuing buildings, stock, people ... read more..

No.1: Security, Information Assurance and Continuity - 17 Jun 2011

A collection of recent NCC research, thought leadership, presentations, webinars and news to help those interested in professional development get up to speed with the key IT management issues in information security, assurance and continuity.IT security is one of the biggest current issues for IT managers. Latest government figures show ... read more..

Webinar: Are you or Have you Ever Been a Vulnerability to your Customers? - 18 May 2011

Watch the video at study by the University of Worcester shows that nearly 60 per cent of businesses polled currently have no security policy in place and are ill-prepared to meet the real and increasing threat to their business information. The research also shows how businesses who fail to ... read more..

IASME - Information Assurance for SMEs - 13 Jan 2011

Information Assurance for SMEs The launch of a right sized security standard for smaller businesses Small-to-medium-sized enterprises (SMEs) which comprise half of the private sector turnover in the UK1 are expected to protect their business information, your private data, and satisfy the regulatory authorities and their supply chain partners. ... read more..

From Security to Maturity - CAMM and the audit revolution - 21 Sep 2010

21 September 2010 Download the presentations: Introduction Michael Dean, NCC CAMM IASME, revolutionizing security auditing Daniel Dresner, Head of IA Practice, NCC A ... read more..



For more information about The National Computing Centre and our services, please contact us at the details below:

Telephone: +44 (0)870 908 8767
Fax: +44 (0)870 134 0931

Click here for more contact information

TwitterFollow us on Twitter
Linked InJoin our LinkedIn Group
FBLike us on Facebook


Management Guidelines

NCC Guidelines Vol 5 No 1

more in Management Guidelines


Professional Development

Cloud Computing

more in Professional Development


Analyst Digest

September 2016 Bulletin published

more in Analyst Digest