Data Management (inc. GDPR & Cyber Essentials)
BPIF Cyber Essentials Scheme

Every second someone is trying to access your company data. Protect yourself and your clients from cyber attack.

It's time to accept the inevitable - your organisation will be affected directly or indirectly by cyber attack at some point. Attain IASME Gold Certification through the BPIF Cyber Essentials Scheme.

Cyber security is an issue that affects businesses of all sizes and sectors; new Government statistics reveal half of UK businesses suffered a cyber attack or security breach during 2017.  With the growth of businesses online presence and the use of cloud based systems, there is an increasing reason why you need to implement a cyber security policy, within your organisation.   

Although some businesses have at least the basic controls, little are aware they can be certified for having the full range of technical controls in place. 

We can help make your business compliant with certification against both Cyber Essentials scheme and IASME governance.  

Cyber Essentials is a Government backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all businesses. The scheme addresses five key controls:

1. Firewalls - Use a firewall to secure your Internet connection
2. Configuration - Choose the most secure settings for your devices and software
3. User Accounts - Control who has access to your data and services
4. Malware - Protect yourself from viruses and other malware
5. Patches - Keep your devices and software up to date 

When implemented correctly, you can prevent around 80% of cyber attacks.  Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.  The Government wants every company in the UK to be certified by 2020.

Cyber Essentials PLUS includes all the benefits of Cyber Essentials, in addition it includes a technical audit of your systems.  It offers a higher level of assurance through the external testing of the organisation's cyber security.

IASME (Information Assurance for Small to Medium-sized Enterprises) is a governance standard that demonstrates a company's level of cyber security for a realistic cost.  The standard is risk based and specifically covers the following IT processes: 

1. Data Assets - Having a good understanding of your key information assets
2. Risk Assessment - It is important to identify the threats to your organisation and assess the resulting risk
3. People - Staff are your greatest allies in protecting your organisation's information
4. Disaster Recovery - The process of returning to a state of business-as-usual after a significant incident
5. Policy - Create, implement a security policy within your business

IASME demonstrates that you are taking good steps to properly protect information security.  Internationally recognised alternative to the ISO 27001 standard, for smaller businesses.

IASME Gold: The IASME Governance Audit involves an onsite audit of your governance processes and procedures covered by the IASME Governance standard.

General Data Protection Regulation (GDPR) readiness has now been included into this standard.  In May 2018, GDPR replaces the current Data Protection directive, the Data Protection Act.   If you process personal data of any data subjects who lives in the EU, you need to ensure you comply with this new regulation.  In conjunction with Cyber Essentials and IASME, more details on how we can help with preparing your business and becoming GDPR ready, please click here to see our GDPR offering.



- Cyber Essentials, IASME Governance and GDPR Ready - Managed
- Cyber Essentials, IASME Gold and GDPR Ready - Fully Managed
- Cyber Essentials PLUS - Fully Managed


 All Fully Managed Cyber Essentials, Cyber Essentials PLUS and IASME Gold are moderated by IASME.
IASME is one of the Cyber Essentials accreditation bodies appointed by the UK Government.



BPIF Cyber Essentials - Size: 84Kb Download
For more information please contact:
Meeka Walwyn-Lewis
Meeka Walwyn-Lewis
Head of Membership Operations
01924 203335
You might also be interested in:
  • ISO 27001 Information Security Management Implementing and maintaining an Information Security Management System (ISMS) certified to the internationally recognised data security standard ISO27001 is the most effective way to reduce your risks and to assure clients and insurers that security of information is your company’s top priority.
  • General Data Protection Regulations (GDPR) A business that is not GDPR compliant could face a fine of €20m or 4% of its annual turnover.