top of page

Certification

As a Certifying Body for the IASME organisation, Synovum can carry out Cyber Essentials assessments, Cyber Essentials Plus technical audits, IASME Cyber Assurance audits and Cyber Baseline assessments and issue certifications to organisations. 

​

The Cyber Essentials programme, part of the UK's National Cyber Security Programme and mandatory for any organisation wishing on bid on UK central government contracts, has been designed to help protect organisations operating in cyberspace.  It is both size and industry agnostic, although it is found to be very suitable for small/medium size enterprises. 

​

Being certified to Cyber Essentials/Cyber Essentials Plus provides the following benefits:

​

  • Demonstrates to customers that your business takes cyber security seriously.

  • Provides some clarity on the essential security controls your business needs to have in place.

  • Identifies areas within organisations where there is room for improvement for existing security controls.

  • Automatic cyber liability insurance for UK domiciled organisations with less than £20m turnover (terms apply).

​

Depending on your organisation's in-house knowledge/skill levels, we offer an option for a consultant to work with you to complete to complete the assessment documentation. 

ce-logo-e1583444149337.webp

Cyber Essentials has been designed to mitigate the most common internet-borne threats.  It focuses on 5 main areas, these being boundary firewalls and internet gateways, secure configuration, access Control, malware protection and patch management. 

​

Depending on your organisation's in-house knowledge/skill levels, we offer an option for a consultant to work with you to complete to complete the assessment documentation. 

Option One - DIY

 

  • Access to assessment portal;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

Option Two - Some Assistance

 

  • Access to assessment portal;

  • Remote/onsite consultancy support;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

Option Three - Full Assistance

​

  • Initial call to discuss assessment scope;

  • Access to assessment portal;

  • Remote/onsite consultancy support;

  • Verification of CE questionnaire;

  • Re-assessment (if required).

ce-plus-logo-e1583444183282.webp
IASME-CYBER-ASSURANCE-SCHEME-LOGO.png

Cyber Essentials Plus certification is awarded upon successful completion of an independent technical audit of the organisation.  This technical audit is carried out either offsite or onsite using industry standard tools.

CE+ Test Activities

​

  • Remote vulnerability assessment;

  • Authenticated internal vulnerability scan;

  • End user device (EUD) malware protection assessment;

    • ​EUD defence assessment against malware delivered via email; 

    • EUD defence assessment against malware delivered via a website.

  • Multi-factor authentication assessment;

  • Account separation check.

  • Re-assessment (if required).

The IASME Cyber Assurance standard was was created through a government-funded initiative to provide an affordable and achievable information security alternative to international standards . It is designed to be cost-effective compared to ISO/IEC-27001:2013 .

​

Since the financial and other costs of attaining compliance/certification to ISO/IEC 27001 can be considerable, attaining the Cyber Assurance standard allows organisations to demonstrate practical adherence to a cyber security standard.

​

IASME Cyber Assurance bolsters trust with stakeholders by demonstrating your organisation’s commitment to robust cyber security practices, based on thirteen 'themes'. It provides a competitive edge, especially for suppliers within government supply chains.

IASME CA Themes.JPG

​Depending on your requirements, your organisation can be certified against Cyber Essentials, Cyber Essentials Plus and the IASME Cyber Assurance Standard at the same time. ​

​

IASME-CYBER-BASELINE-SCHEME-LOGO-1024x413-1-1536x620-1-300x121.png

The IASME Cyber Baseline certification focuses on a basic set of technical controls and uses the IASME Cyber Assurance standard’s themes. It offers organisations fundamental safeguards to shield them from the most frequent online risks.

​

According to the IASME Cyber Baseline programme, organisations of any size, industry, or complexity can commence their cyber security journey with basic measures based on nine themes withn the Cyber Assurance standard.

​

Organisations can continue developing their security posture as they mature, considering all the Cyber Assurance themes shown above.​

iso-27001-stamp-sign-information-security-vector-27582374.jpg

ISO/IEC 27001:2022 compliance is crucial for organisations aiming to enhance their cyber security posture. This internationally recognised standard provides a robust framework for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS).

 

By complying with ISO/IEC 27001:2022, organisations can demonstrate that they can systematically manage sensitive company information, ensuring its confidentiality, integrity, and availability. This compliance helps in identifying and mitigating security risks, thereby reducing the likelihood of data breaches and cyber-attacks.

 

Furthermore, it demonstrates to stakeholders, customers, and partners that the organisation takes information security seriously, fostering trust and confidence.

​

Achieving ISO/IEC 27001:2022 compliance involves a thorough assessment of the organisation's information security risks and implementing appropriate controls to address them. This process ensures that security measures are aligned with the organisation’s objectives and risk environment.

 

A Synovum consultant conducts gap analyses to identify areas where current practices fall short of the standard's requirements and develop comprehensive action plans to address these gaps. By offering hands-on support in implementing necessary controls and processes, Synovum ensures that organisations not only achieve compliance but also enhance their overall cyber security resilience.

 

Moreover, Synovum offers support to maintain ISO/IEC 27001:2022 compliance and can support formal certification against the standard. Their experts stay abreast of the latest developments in cyber security and compliance standards, ensuring that organisations are well-prepared to handle new threats and regulatory changes. 

​

Please contact us for more information regarding your Cyber Essentials or other compliance/certification requirements. 

bottom of page