We hosted a webinar regarding the recent IASME updates last month and multiple connections have asked for the recording since. Due to this, we would like to give others the opportunity to catch up on the session.
There has been some controversy around organisations and certification bodies in the past taking a ‘risk-based approach’ with the certification assessment. The Deputy Director for Cyber Growth, Chris Ensor, wrote “sometimes, this risk management results from options in the technical requirement, but in other places the assessors may have been accepting more than was intended by the requirements”. The new updates contain stricter technical controls, to eliminate any confusion or the possibility for interpretations. In the Q&A, one attendee commented how they had found recertification harder due to the recent changes, confirming the effects of the updates.
Other topics discussed in the 30 minute webinar are:
Identify the misinterpretations of ‘the scope’
Learn about the new questionnaire updates: stricter technical controls
Find out which tools are recommended for certification and beyond
Clarify the working from home protocols
Specify the new audit guidelines for Cyber Essentials Plus