An information assurance standard for the small business
The IASME (Information Assurance for Small and Medium Enterprises) standard is a maturity-based information assurance standard for small businesses. It was created from a Technology Strategy Board-funded project to create an achievable cyber security standard for small companies. The international standard – ISO27001 – is comprehensive but extremely challenging for a small company to achieve and maintain. The IASME standard is written along the same lines as the ISO27001 but specifically for small companies. The gold standard of IASME demonstrates baseline compliance with the international standard.
Increasingly, customers and suppliers are starting to be concerned about how well SMEs protect their data. This is due to a growing number of high-profile data losses and cyber attacks, increasing fines for data loss from the Information Commissioner’s Office and cyber security legislation about to be introduced by the EU.
There are some simple steps any small company can take to make themselves more secure. Many of these can be taken with minimal cost or business interruption and will probably make your company a safer organisation to do business with than your competitors.
Available either as a self assessment or assessment by an independent auditor in combination with practical consultancy, IASME is a realistic and affordable way for SMEs to prove that they are following best practice.
Information Assurance for SMEs 22nd November 2011, University of Worcester This workshop will examine the IASME programme in detail and pass on the knowledge for you to go into an SME and assess the security of its business information. This will be an intense day where we will look at both ... read more..
managing information risk Information is an organisations most valuable asset. However, it is often neglected in favour of protecting material assets, maintaining cashflow and the like when considering the organisations long-term future. This is usually because assigning a value to information is much more difficult than valuing buildings, stock, people ... read more..
A collection of recent NCC research, thought leadership, presentations, webinars and news to help those interested in professional development get up to speed with the key IT management issues in information security, assurance and continuity.IT security is one of the biggest current issues for IT managers. Latest government figures show ... read more..
Watch the video at www.brighttalk.com/webcast/29001A study by the University of Worcester shows that nearly 60 per cent of businesses polled currently have no security policy in place and are ill-prepared to meet the real and increasing threat to their business information. The research also shows how businesses who fail to ... read more..
Information Assurance for SMEs The launch of a right sized security standard for smaller businesses Small-to-medium-sized enterprises (SMEs) which comprise half of the private sector turnover in the UK1 are expected to protect their business information, your private data, and satisfy the regulatory authorities and their supply chain partners. ... read more..
21 September 2010 Download the presentations: Introduction Michael Dean, NCC CAMM IASME, revolutionizing security auditing Daniel Dresner, Head of IA Practice, NCC A ... read more..