IASME

IASME Governance (/aɪˈæzmi/ eye-AZ-mee[1]) is an Information Assurance standard that is designed to be simple and affordable to help improve the cyber security of Small and medium-sized enterprises (SMEs).

The IASME Governance standard was developed in 2010 and has proven to be very effective at improving the security of supply chains for large organisations.

IASME Governance was originally developed as an academic-SME partnership that attracted a lot of interest from government and small businesses[2] Research towards the IASME model was undertaken in the UK during 2009–10,[3] after an acknowledgement that the current international information assurance standard (ISO/IEC 27001) was complex for resource-strapped SMEs, providing a weakness in the supply chain.

The IASME Governance standard was developed and piloted with the help of small businesses mostly in the West Midlands of the UK with encouraging results.

[14] A mapping between the two standards is available[15] The Cyber Assessment Framework (CAF) has been developed by the UK Government to allow organisations to demonstrate their compliance to the NIS Directive.