News & Insights

IASME Cyber Assurance & Privacy Commissioner, Bermuda.

23 November 2023IASME Cyber Assurance, IASME Cyber Baseline
IASME Cyber Baseline

IASME Cyber Assurance partner with PrivCom, Bermuda. The IASME Consortium announced this year an agreement to partner with The Office of the Privacy Commissioner (PrivCom) to bring privacy and cybersecurity certification to the country of Bermuda.

A spokesperson said, “The Office of the Privacy Commissioner [PrivCom] is pleased to announce an exciting partnership with the IASME Consortium to support small and large organisations as they prepare for compliance with privacy rules.

“IASME is a United Kingdom-based organisation that has developed governance standards relating to cyber security and assurance. IASME is committed to helping businesses improve their cyber security, risk management, and good governance through an effective and accessible range of certifications.

“The non-financial collaboration between PrivCom and IASME will support the development of a Bermuda-specific component of the Cyber Assurance and Privacy standard to help organisations certify their compliance with the Personal Information Protection Act [PIPA]. This certification tool will help local organisations test and demonstrate their privacy and security practices by providing a framework for compliance with requirements and best practices.

“IASME’s certification mechanism allows organisations to self-certify or to engage with a trained assessor to evaluate the organisation and provide a third-party certification.

Privacy Commissioner Alexander White said, “This project will give all Bermudian organisations a framework to understand and explain their privacy and cybersecurity readiness. IASME is a recognized entity for their work in the UK to build cybersecurity maturity, making the process simpler and realistic even for small businesses.

“Plus, since this engagement will map Bermuda’s PIPA to IASME’s certification for the General Data Protection Regulation [GDPR], Bermudian businesses will be well placed to comply with privacy rules outside of Bermuda.”
Emma Philpott, CEO of the IASME Consortium, said, “IASME are excited to be working with PrivCom on this important project. It is fantastic to see such a proactive attitude to privacy and security and we are looking forward to training the first cohort of assessors.”

PrivCom’s Assistant Commissioner Cha’Von Clarke-Joell, who has coordinated PrivCom’s engagement with IASME, said, “This is an exciting and significant development for Bermuda’s economy and the information privacy sector as local Assessors can register with Certification Bodies on the island, the UK, the US, and in Europe to offer services globally to any entity that uses the IASME standard while working virtually from Bermuda, thus contributing to the island’s economic growth with flexible and remote working conditions.”

The spokesperson said, “What is the IASME Cyber Assurance standard?
“The IASME Cyber Assurance standard was developed over several years during a UK government funded project to create a cyber security standard which would be an affordable and achievable alternative to other international standards. It allows small and medium sized enterprises in a supply chain to demonstrate their level of cyber security and data privacy for a realistic cost.
“IASME Cyber Assurance offers smaller companies within a supply chain a ‘right sized’ approach to show their level of information security for a realistic cost and compete with larger organisations for business.

“A wide range of UK and international industry sectors now accept the Level 2 audited IASME Cyber Assurance certification as an alternative to other international standards.

“The IASME Cyber Assurance certification includes privacy and security requirements and is available in two levels: Level 1 Verified Assessment and Level 2 Audited. There is a prerequisite to applying for IASME Cyber Assurance; you must hold a valid Cyber Essentials or IASME Cyber Baseline certificate before you can apply for IASME Cyber Assurance.

“In addition, IASME and PrivCom will be working together to develop PIPA-specific sections of the certification.