The IASME Governance standard, based on international best practice, is risk-based and includes aspects such as physical security, staff awareness, and data backup. The IASME standard was recently recognised as the best cyber security standard for small companies by the UK Government when in consultation with trade associations and industry groups.  The IASME governance self assessment includes the Cyber Essentials assessment within it as well as an assessment against the requirements of the GDPR.