Our Security Consultant, James Kelsh, has passed the CSTM (Cyber Scheme Team Member) exam, one of several mandatory qualifications needed for a company’s lead assessor to continue its ability to be a Cyber Essentials PLUS certification centre.
Said James: “As of the 1st April, the National Cyber Security Centre (NCSC) is standardising Cyber Essentials by having just one accreditation body – IASME – an information assurance standard for SMEs. We have been a certification body of IASME for over three years and the first in Guernsey. We have gained all qualifications and assurances needed to continue assessing for Cyber Essentials, Cyber Essentials PLUS, IASME and IASME GOLD in readiness for the 1st of April.
“IASME is raising the standard of each certification body by mandating all to be IASME GOLD certified. Along with recertifying every three years, each company will have to prove its quality of work through either ISO9001 or IASME’s own quality measures by September. On top of this, for Resolution IT to continue being a Cyber Essentials PLUS auditor, at least one auditor must have one of a few penetration testing qualifications, otherwise we would only be able to assess to Cyber Essentials level. Any organisation without an auditor with one of these qualifications is unable to continue assessing from the 1st of April. The qualification is very through as tests the assessor knowledge through a series of exams.
“Whilst it sounds incredibly complicated, it is this level of assessment and detail which will allow us to continue offering cyber certifications to local businesses here, as the ability to evidence your cyber security measures continues to rise. Let’s not forget that since the beginning of this year the States of Jersey requires anyone bidding for a States contract worth more than £25,000 to be Cyber Essentials certified. The States of Guernsey is committed to reviewing Cyber Essentials and has said it will encourage the use and accreditation of it, as well as for businesses tendering for work, to meet the appropriate standards.”