ASIRTA™ is an approach that uses natural language to determine the activities that organisations have to undertake, based on their information governance obligations.

We allow organisations to show progress from a basic understanding of the governance requirements and evidence continual improvement at a board level.

Available here (note this will take you to a different site)

ASIRTA™ - basic (click to find out more)

Recent DCMS studies show that less than 5% of organisations assess themselves against the basics for cyber security and data protection.

Many organisations have reacted to covid to keep business running, but did this impact their compliance?

The basic tier of ASIRTA™ ensures that you can answer less than 40 questions, helping you understand where you sit against the ICO 12 steps guidance for GDPR and the NCSC 10 steps guidance for cyber security.

We will also show you what others activities you haven’t assessed, just in case you are ready for the next step.

ASIRTA™ - baseline (click to find out more)

So you now have the basics covered, but what about the rest of the requirements?

The baseline tier of ASIRTA™ allows you to benchmark yourself against areas such as:

Data protection

  • ICO GDPR 12 steps guidance
  • ICO GDPR security outcomes

Cyber security

  • NCSC cyber 10 steps guidance
  • NIS Regulations
  • Minimum Cyber Security Standards
  • NHS Data Security and Protection Toolkit (DSPT)

Corporate governance

  • HMT Orange Book

Information management

  • Sample legal obligations that might apply to you, dating back to 1879

ASIRTA™ - manager (click to find out more)

So you now have the main bases covered, but what about the other standards you comply to?  How do your obligations map to your services and assets?

The manager tier helps you here, allowing you upload any compliance spreadsheet you currently use and create assets to link your obligations to.

Not ready to manage everything at the moment?  No problem, the manager module is available as an option at the basic tier too – just in case you wish to map the basics to your current security activities.