MIAA has been assessed as meeting the NCSC standard and is now an Assured Service Provider for the NCSC Cyber Resilience Audit scheme.

Cyber Resilience Audit (CRA) companies provide independent audits against defined cyber security standards, initially based on the Cyber Assessment Framework (CAF).”

This accreditation marks a major milestone for MIAA and reflects our ongoing commitment to helping organisations strengthen their cyber resilience and safeguard critical systems and services.

MIAA Digital Director, Tony Cobain, said: “This achievement demonstrates our credentials in auditing against the NCSC’s Cyber Assessment Framework and highlights the hard work of our team. The accreditation process was rigorous, requiring us to demonstrate our Cyber Essentials Plus certification and a wide range of corporate security measures.

While this recognition is a tremendous achievement for MIAA, its greatest value lies with our clients, who can be confident they are engaging highly skilled individuals and a trusted, high-quality audit provider.”

What this means

The Cyber Resilience Audit (CRA) scheme provides assurance for organisations delivering independent cyber audits, with a strong focus on the Cyber Assessment Framework (CAF).

By becoming an NCSC Assured Provider, MIAA has demonstrated:

• Expertise in auditing against the CAF.

• Independence and integrity in delivering high-quality assessments.

• Dedication to helping organisations manage cyber risks in an ever-changing threat landscape.

This recognition is particularly important for organisations required to have the NHS Data Security and Protection Toolkit independently audited, as NHS England strongly recommends using a CRA scheme-assured auditor.

About the Cyber Assessment Framework (CAF)

The CAF is designed to help organisations assess, improve, and demonstrate cyber security and resilience, especially in sectors that provide essential services such as:

• Healthcare

• Energy

• Transport

• Digital infrastructure

• Government

The framework supports both internal assessments and external oversight bodies, helping organisations meet legal and regulatory requirements, including the NIS Regulations.

CAF provides structured guidance for:

• Identifying and managing cyber risks.

• Protecting vital functions from potentially catastrophic cyber incidents.

• Achieving robust levels of cyber resilience.

Why this matters

As cyber threats become increasingly sophisticated, organisations need reliable, independent audits to ensure their systems are secure and resilient. 

With this NCSC accreditation, MIAA is uniquely positioned to help organisations confidently navigate cyber risks, protect essential services, and meet national cyber security expectations.

• Find out more about MIAA's Digital Services 
• Contact Digital Director, Tony Cobain