Service

BS 31111 audit and assessment

A top-down approach to managing cyber risk, using the BS 31111:2018 standard – helping leaders to understand risks, mitigate them and stay resilient.

Contact your account manager

At a governance level in your organisation, you have ultimate accountability for managing cyber risk. This means that, as the number and sophistication of cyber incidents increases, it’s up to you to maintain a clear, high-level understanding of the changing risks you face – and what you are doing to mitigate them.

To help you develop this understanding, it’s natural to involve your IT team. But you cannot delegate the responsibility away. After all, in an increasingly digital age, cyber risk is business risk.

This responsibility can be challenging for any governing body. So to help you develop the high-level understanding you need, we offer an audit and assessment service using the BS 31111: 2018 standard, which was published in 2018 to support a governance-led approach to cyber security.

How the BS 31111 assessment helps you

At a governance level, our BS 31111 audit and assessment service helps you to identify cyber risks, understand them and ensure that appropriate processes are in place – in order to help build resilience to cyber-attacks and other disruptive events, while improving operational performance. In turn, this helps you to demonstrate the steps you’re taking to stakeholders and regulators.

The service helps you to:

  • Identify and understand cyber risk
    The assessment helps you to understand your digital investment and the cyber-risks that are associated with it – understanding both positive and negative outcomes
  • Understand your level of resilience
    Using this assessment, you can understand and identify your level of preparation – including not only prevention measures, but also response capabilities that will help you manage a cyber incident
  • Plan in a changing landscape
    As digital technologies change, so do the associated risks. This assessment helps you understand how you manage and understand changes in the cyber landscape, whether or not you’re planning for digital transformation
  • Allocate resources appropriately
    Armed with this assessment, you can ensure that you’ve allocated adequate resources – whether financial, human, information-based or technological – that you need to manage risk, stay resilient and operate efficiently

Get started

To find out more about the BS 31111 service, contact your account manager.

Further information

Read more about the BS 31111 audit Jisc carried out for CERN, the European Organization for Nuclear Research.

UKAS and ISO 9001 and ISO IEC 27001 logo

This service is included within the scope of our ISO9001 and ISO27001 certificates.

Read more about International Organisation for Standardisation (ISO) standards and view Jisc certificates.