An information security standard certification for the small business
IASME is a national programme that provides qualifying SMEs (less than 250 staff) with certification that has been specifically designed with the small business in mind. The programme is well grounded in international standards and has flexibility, credibility and affordability built in.
Good information security is an asset that is as valuable as more tangible resources such as your staff, hardware, software, manufacturing plant, or other materials. A lack of information security is a liability for you and a risk that your customers may not want to take. Coupled with potential fines of six-figures or more – on top of the damage to your reputation and the cost to sort out an incident – the financial impact can be catastrophic.
IASME is all about helping you develop or improve the security of your business information. We do this by building on what you do already and provide templates where you need more assistance. Our assessors provide careful guidance during the assessment process whilst making sure that you pick up the skills to manage information security independently.
How your information security measures are implemented will depend on the complexity, size, and risk profile of your business.
IASME looks at:
what information does your business rely on? Where does it come from? How is it handled?
what are the risks to your business information?
know your assets; acquire and dispose of them securely.
- People security:
know your people and educate them in security.
- Physical and environmental security:
protect your assets from physical and environmental harm.
control who and what can access your information.
- Planning and acquisition:
build security and privacy in at the start – make sure you have the right-sized information systems.
manage and monitor your IT systems effectively, including prevention and detection of malicious code – defending against malware – and be ready to recover from infection.
- Incident management:
ensure threats to your business are detected and dealt with – learn the lessons!
with legal, statutory, regulatory and contractual obligations and security requirements – know what is required and demonstrate compliance.
To register for certification, or to get more information, contact:
The IASME Consortium
The National Computing Centre
Bucks HP22 4NF
Information Assurance for SMEs 22nd November 2011, University of Worcester This workshop will examine the IASME programme in detail and pass on the knowledge for you to go into an SME and assess the security of its business information. This will be an intense day where we will look at both ... read more..
managing information risk Information is an organisations most valuable asset. However, it is often neglected in favour of protecting material assets, maintaining cashflow and the like when considering the organisations long-term future. This is usually because assigning a value to information is much more difficult than valuing buildings, stock, people ... read more..
A collection of recent NCC research, thought leadership, presentations, webinars and news to help those interested in professional development get up to speed with the key IT management issues in information assurance, security and continuity.Security issues revolving around cloud and mobile computing are hottest security topics at the moment, but ... read more..
Watch the video at www.brighttalk.com/webcast/29001A study by the University of Worcester shows that nearly 60 per cent of businesses polled currently have no security policy in place and are ill-prepared to meet the real and increasing threat to their business information. The research also shows how businesses who fail to ... read more..
Information Assurance for SMEs The launch of a right sized security standard for smaller businesses Small-to-medium-sized enterprises (SMEs) which comprise half of the private sector turnover in the UK1 are expected to protect their business information, your private data, and satisfy the regulatory authorities and their supply chain partners. ... read more..
21 September 2010 Download the presentations: Introduction Michael Dean, NCC CAMM IASME, revolutionizing security auditing Daniel Dresner, Head of IA Practice, NCC A ... read more..