Assessment Services

What's a Certification Body (CB)

A certification body (CB) is an independent third party that handles a certification process. It is an organisation that has been accredited and can provide compliance certificates with regard to a scheme or a standard.

Standards are developed to ease communication between suppliers and buyers, by agreeing on common criteria of assessment of products or services before purchasing them. You can read more about standard development in our Advisory Service.

What scheme are we accredited for

We are licensed by IASME consortium Ltd to deliver assessments for the Cyber Essentials scheme and IASME Cyber Assurance scheme.

We aim to provide a high level quality of service. Our assessors are available to assess your organisation and review how it complies with a specific standard. We use a methodical approach when assessing organisations this covers review of your policies, processes, procedures, work instructions, proofs, and records performed through reviews, interviews, and Q&A sessions allowing us to understand how you intent and achievement to comply with a specific standards.

We offer advisory and consulting services to help you achieve your certification through our Advisory Service.

Cyber Essentials

Cyber Essentials is an effective, UK Government backed minimum standard scheme that will help you to protect your organisation. It is owned by the National Cyber Security Center (NCSC). Certification will give you peace of mind that your defences will protect against the vast majority of common cyber attacks.

Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided. The Cyber Essentials self-assessments are available through a secure hosted platform powered by the Cyber Essentials assessment platform. The assessments can be accessed and answered quickly and easily using Pervade’s intuitive user interface.

Cyber Essentials certification includes automatic cyber liability insurance for any UK organisation who certifies their whole organisation and has less than £20m annual turnover (terms apply).

You will need to renew your certificate annually as it expires after twelve months. We remove companies from our certified organisation list if they are not certified within twelve months of their last certificate.

Get in touch if you want to be certified against the Cyber Essentials scheme.

IASME Cyber Assurance (ICA)

IAMSE Cyber Assurance (ICA) is split into two (2) levels.

IASME Cyber Assurance Level One Verified Assessed helps organisations achieve an excellent level of information security in a cost-effective manner. It is particularly applicable to SMEs who want to demonstrate to clients and business partners that they manage information and data securely. IASME Cyber Assurance Maps to the Government’s 10 Steps to Cyber Security & NIS Directive.

The IASME Cyber Assurance Level Two Audited standard is IASME’s highest level of certification. It offers small and medium sized organisations a legitimate way to prove their compliance with a comprehensive but affordable alternative to other international standards.

Get in touch if you want to be certified against the IAMSE Cyber Assurance (ICA) scheme.

Code of conduct

All our assessors are binding with the following ethical principles to guide their decisions in relation to assessments, customers and operating the scheme:

Integrity – Act in accordance with the law and consistently exercise the highest moral principles
Honesty – Present facts clearly and truthfully
Objectivity – Perform all duties and make all decisions in relation to the scheme based on facts, not personal feelings or commercial concerns
Professional competence and due care – Render only those services which we are fully competent and qualified to perform
Confidentiality – Limit access to information to protect the interests of customers, partners and employees

As a Certification Body we uphold our ethical principles to provide you with a high ethical assessment service.

In some cases, we will not conduct assessment to avoid conflict of interest. You can find below some situations where we will not conduct the assessment or will assign you a different assessor. Therefore we rely on your help and support to let us know if:

A family member of the assessor is a director or shareholder of the organisation they are assigned to assess
The assessor is an employee, director or shareholder of the organisation they are assigned to assess
The assessor has a financial interest (investment) in the organisation they are assigned to assess

How ready are you?

Our assessment services will assess your cybersecurity readiness based on UK internationally recognised schemes. Your strategic decisions and cybersecurity programme will be challenged by our experts and will help you identify non-conformances, and opportunities for improvements. Together, let's embark on a journey towards a secure, resilient, and technologically advanced future. We can combine an advisory service with an assessment service to get you the best of our services. You can use our Contact us form to send us your enquiry we will be delighted to review it and reply to you as soon as possible. Or you can send us an email to hello@cstconsultancy.com.