Client snapshot
- Client: Hope After Harm
- Sector: Charity
- Engagement: IASME Cyber Assurance Level Two certification support
- Outcome: Achieved IASME Cyber Assurance Level Two and established a structured cyber resilience framework aligned to funding and supply chain requirements
The challenge
As a charity handling large volumes of highly sensitive and special category data, Hope After Harm needed to demonstrate a high level of cyber security maturity.
To secure and maintain Ministry of Justice funding, Cyber Essentials was a prerequisite, but additional requirements within the supply chain meant going beyond those controls.
Key challenges included:
- Translating cyber security standards into practical processes and procedures
- Managing compliance within limited time and budget constraints
- Avoiding a compliance-only approach
- Building a sustainable, organisational approach to cyber security
The approach
RB Consultancy Ltd provided structured, collaborative support tailored to a resource-constrained organisation:
- Supported IASME Cyber Assurance Level Two assessment
- Conducted detailed reviews of documentation, processes, and technical controls
- Provided an efficient audit and assessment over a defined engagement period
The outcome
Hope After Harm successfully achieved IASME Cyber Assurance Level Two certification.
This relates to:
- A structured and comprehensive cyber security and risk management framework
- Improved protection of sensitive client data and operational systems
- Stronger alignment with UK GDPR, incident response, and business continuity requirements
- Increased confidence in meeting funding and supply chain expectations
“Once you’ve put in the effort to achieve Level One, the additional input required for the audit is minimal. It’s a cost-effective way to stay disciplined and aligned with our goals.”
“There’s nothing like having to provide evidence to really focus the mind, it keeps us accountable and ensures we uphold high standards.”
– Hope After Harm
Why this matters
For charities and organisations handling sensitive data, cyber security can be fundamental to operational delivery and stakeholder trust.
IASME Cyber Assurance provides a practical framework to:
- Demonstrate cyber maturity beyond Cyber Essentials
- Align security with real-world operations, risk, and compliance
- Strengthen trust with funders, partners, and service users
- Enable participation in regulated supply chains and public sector contracts
Taking a structured, supported approach ensures cyber security becomes embedded into the organisation, with subsequent assessments leading to cyber security certification that can result in bids being won and funding secured.






