Governance and compliance Cyber essentials ISO27001 services Risk assessment Third-party risk Architecture review Information assurance Cyber health-check Policy documentation
 

 Governance, Risk and Compliance

 
1Alpha-Governance-compliance.jpg

Helping you achieve your Corporate Governance, Enterprise Risk Management, and Compliance objectives 

 

IASME Governance

Introduced by the IASME consortium and backed by the UK Government. This standard provides an affordable and achievable route for businesses of all sizes to demonstrate the maturity of their information security practices and processes. It is an approved alternative to ISO 27001

The IASME Governance certification, now relaunched as IASME Cyber Assurance, assesses your information security, processes, and GDPR readiness.

Cyber Essentials certification is a pre-requisite. The assessment and certification process enables you to demonstrate that you take information security seriously. Achieving certification can also qualify UK domiciled businesses with a turnover of less than £20 Million to receive Cyber liability Insurance

 
Banner-blue.png

IASME Cyber Assurance self-assessed

Completion of a guided self-assessment via an online portal, with review and marking by an IASME certified body such as 1Alpha, followed by a pass or fail. Passing organisations receive certificates of compliance with both Cyber Essentials and IASME Governance

We provide services including pre-assessment of organisations, providing assistance with preparing for the IASME assessment guiding organisations through their responses to the question set, and delivering certification

 
 
IASME Cyber Assurance (self-assessed) Ex. Vat IASME Cyber Assurance (self-assessed) Ex. Vat IASME Cyber Assurance (self-assessed) Ex. Vat IASME Cyber Assurance (self-assessed) Ex. Vat IASME Cyber Assurance (self-assessed) Ex. Vat
IASME Cyber Assurance (self-assessed) Ex. Vat
from £320.00

For companies with a good understanding of their cyber security controls

 
IASME Cyber Assurance support package Ex. Vat IASME Cyber Assurance support package Ex. Vat IASME Cyber Assurance support package Ex. Vat IASME Cyber Assurance support package Ex. Vat IASME Cyber Assurance support package Ex. Vat
IASME Cyber Assurance support package Ex. Vat
from £915.00

For companies seeking certification with additional help and guidance

 
 

IASME Cyber Assurance Audited (Gold)

Organisations seeking to attain IASME Governance Audited must first become certified to the level of IASME self-assessed

The assessment process for IASME Governance Audited involves onsite verification of the responses provided including a combination of staff interviews, configuration assessments and documentation review

Passing the onsite audit allows the Cyber essentials audited (Gold) certification to be granted. Certification is maintained by submitting an annual online self-assessment for the first two years of the cycle followed by a full audit at the end of the third year

Our IASME Governance pre-assessment, preparation and audit assistance services at 1Alpha, help organisations to pass first time and maintain their certification

 
Banner-blue.png

ISO 27001

The ISO 27001 international standard provides the specification for an Information Security Management System (ISMS). The standard covers people, processes and technology and helps organisations manage their security practices and protect themselves through risk management procedures

Working towards the ISO 27001 standard can help organisations to comply with laws and regulations such as GDPR and NIS while maintaining the confidentiality, integrity and availability of their information resources

Our consultants at 1Alpha can help you to define the scope of your ISMS, assess your state of readiness, prepare for assessment, protect your Information assets, and increase your resilience to cyber-attacks

 

GDPR

The General Data Protection Regulation (GDRP) together with the data protection act 2018 gives data subjects greater control over how their personal data is processed by organisations

The GDPR principles require that personal data should only be collected in a fair and transparent manner, gathering only sufficient information to fulfil the legitimate purpose. The data gathered should be accurate and up to date, confidentiality should be maintained and the data should be retained only for as long as needed to fulfil the legitimate purpose. Accountability must be provided throughout

Our GDPR services assist with the identification of personal data sources and repositories and help promote engagement with key business functions to ensure that data governance, risk management and compliance controls are effective throughout the enterprise

 
Banner-blue.png

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) aims to ensure protection of credit, debit and cash card related transactions including how they are transmitted, stored and processed

Our range of PCI DSS services help organisations at all stages of assessing current state of readiness, preparing for audit, and maintaining accreditation

Services include onsite assessments and Workshops, Gap analysis, delivering roadmaps for compliance, development of controls, policies and procedures, guidance to determine and justify the correct scope for assessment and delivering ongoing supplier due diligence