History of key revisions:

...

Date issued:

...

Author:

...

Description:

...

First Introduction

...

Internal audit history

...

Date:

...

Conducted by:

...

Link to IA:


Document number:

LEG-004-Schedule 9 - CertificationBodyCriteria - IASME Cyber Baseline

Document type:

Schedule

Responsibility for implementation & training:

ICB Scheme Manager

CB contract doc/schedule:

NO

Scheme:

IASME Cyber Baseline

Reason for change:

Initial version

Approved by:

Emma Philpott

Approved date:

Next review:

Review and consultation process:

Reviewed annually by ICB Scheme Manager

Associated documentation:

/wiki/spaces/ICB/pages/2496168230

Distribution:

Controlled in Confluence Quality Management System.

Revisions:

Date issued:

Author:

Description:

Samantha Alexander

First Introduction

Certification Body Criteria

...

Certification Bodies must use badges associated with the scheme as digital badges, if available, to enable central management of brand and authenticity.

1 Certification Body Security Requirements

This can be demonstrated through:

  • Achieving and maintaining independently verified ISO 27001 certification

  • Achieving and maintaining audited IASME Cyber Assurance Level 2 certification

The scope of the above certifications must cover all areas of the business that will be involved in certification or that will hold data that relates to certifications.

ISO 27001 certification must be through a UKAS Accredited Certification Body or an International Accreditation Forum (IAF) recognised equivalent.

Verification of the requirements

All Certification Bodies must demonstrate they meet the security requirements before signing the Certification Body contract with IASME unless agreed otherwise with IASME.

2 Certification Body Quality Requirements

All Certification Bodies must commit to achieving and maintaining a good quality management system.

This can be demonstrated through:

  • Achieving and maintaining independently verified ISO 9001 certification

  • Achieving and maintaining a compliant mark on all of the IASME Quality Principles as part of a successful IASME Cyber Assurance Level 2 certification

  • Achieving and maintaining the QG Quality Fundamentals+ certification

The scope of the above certifications must cover all areas of the business that will be involved in certification or that will hold data that relates to certifications.

ISO 9001 certification must be through a UKAS Accredited Certification Body or an International Accreditation Forum (IAF) recognised equivalent.

Verification of the requirements

All Certification Bodies must demonstrate they meet the quality requirements before signing the Certification Body contract with IASME unless agreed otherwise with IASME.

© The IASME Consortium Ltd 2023 All rights reserved