Versions Compared

Version Old Version 5 New Version Current
Changes made by

Jonathan Ellwood

Kate McKenzie

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Page Properties
hiddentrue

Document number:

LEG-029-Schedule 4 – Security Requirements CIR level 2

Document type:

Schedule

Responsibility for implementation & training:

CIR Manager

CB contract doc/ schedule:

YES

Scope:

NCSC Cyber Incident RespondingResponse

Reason for change:

Initial version

Approved by:

Jamie Randall

Approved date:

Next review:

Review and consultation process:

Reviewed Annually by CIR Manager

Associated documentation:

Distribution:

Controlled in Confluence Quality Management System

Revisions: 

Date: 

Author: 

Description: 

Jonathan Ellwood

First Version Published 

Download PDF Here

1. Introduction  

IASME is committed to achieving a consistently high standard across Assured Service Providers. This document sets out the security requirements for all Assured Service Providers (ASPs) licenced through the CIE/ CIR Level 2 scheme.  

These requirements are in addition to the Assured Service provider achieving the security certifications detailed in the Assured Service Provider Criteria. These include Cyber Essentials plus certification and achievement of either IASME Cyber Assurance Level 2 or ISO27001 awarded by a third-party UKAS-accredited body.  

...