Need help?0300 180 0655
Proof, Not Promises

Your IT provider should be
verifiably good.

Most businesses take their MSP at their word. We think that's not good enough - for you, or for us. That's why we've started our journey toward Assurix accreditation: independent, continuous verification that we're actually doing what we say we do.

What is Assurix? →
Assurix - On the Journey
The problem with most certifications

Your biggest security risk
might be your own MSP.

That's an uncomfortable thing for an IT provider to say. But it's true - and the data backs it up.

MSPs sit at the heart of their clients' IT environments. We hold admin credentials, manage your security tools, control your backups, and have deep access to your systems. If an MSP operates to poor standards - or worse, if they're compromised themselves - the impact on clients can be severe.

The UK government recognises this. The Cyber Security and Resilience Bill is driving expectations that MSPs in critical supply chains must meet ongoing assurance requirements, not just periodic audits.

Yet most of the certifications MSPs hold tell you very little about whether they're doing the right things right now. ISO 27001 tells you they met a standard on the day they were assessed. Cyber Essentials confirms a point-in-time snapshot. Neither tells you what's happening in your environment today.

Annual certifications

Assessed once a year. Standards can drift significantly between audits - and no one would know until the next assessment window.

Trust on reputation alone

References and case studies are useful - but they tell you what a provider was like, not whether they're meeting standards today.

No independent verification

Most MSPs ask you to take their word for it. Without third-party, continuous monitoring, there's no objective way to verify that they are.

What is Assurix?

Live evidence.
Not static certificates.

Assurix is an independent trustmark for UK managed service providers. It verifies that an MSP meets defined standards across cybersecurity, operational maturity, and business resilience - using live data from the tools the provider uses every day.

64
controls assessed

Spanning cybersecurity, operational maturity, and business resilience. More than 20 tracked live.

CAF 4.0
framework aligned

Built on the NCSC Cyber Assessment Framework 4.0 - the same standard the UK government is driving toward for critical supply chains.

30 days
remediation window

If a control falls out of tolerance, there are 30 days to fix it - or the trustmark is publicly suspended. No hiding a lapsed accreditation.

Live
continuous monitoring

Assurix integrates with PSA, RMM, Microsoft 365, and backup systems - collecting evidence automatically, every day, not once a year.

Three areas of assessment

Cybersecurity

Aligned to NCSC CAF 4.0 - covering vulnerability management, identity and access controls, endpoint protection, patch management, and incident response capability.

Operational maturity

SLA adherence, ticket management, change control, invoicing clarity, and the day-to-day processes that determine whether an MSP actually operates professionally.

Business resilience

Business continuity planning, supply chain risk management, and the operational foundations that ensure an MSP can keep delivering when things go wrong.

Our journey

Our Assurix journey
has started.

We were already confident in the standards we operate to. We've built our service around Microsoft's security stack, Huntress managed detection and response, immutable backup, and a genuine commitment to doing the unglamorous work properly - patching, monitoring, documentation, access control.

But confidence isn't the same as proof. And we believe our clients deserve more than confidence.

Assurix caught our attention because it doesn't ask us to fill in a form once a year - it watches the tools we use every day and holds us publicly accountable if standards slip. That's exactly the level of scrutiny we want to be held to. Not because anyone forced us, but because it reflects how we already think about our responsibility to clients.

The trustmark is deliberately hard to earn - and we're among the early wave of UK MSPs working toward it. We're preparing our environment against the 64-control framework now. It takes time to do properly, and that's the point.

Assurix - On the Journey
Assurix - On the Journey We have formally committed to Assurix accreditation and are preparing our environment against the full control framework.

What this means for you right now

  • We have formally committed to Assurix and are preparing our environment against the accreditation framework
  • The work we're doing to achieve accreditation directly improves the service you receive - this isn't box-ticking
  • When we achieve the full trustmark, you'll be able to verify our status live in the Assurix public directory
  • If our standards ever slip, you'll know - because the trustmark would be publicly suspended, not quietly lapsed
Why it matters for you

Two audiences.
One standard.

IT Director / Head of IT

Objective assurance for complex environments.

Once we achieve the trustmark, it gives you:

  • Assurance aligned to NCSC CAF 4.0 - the framework the UK government is building supply chain expectations around
  • Live monitoring of our controls, not an annual checkbox exercise
  • Verified SLA adherence, patch management, and change control - operational maturity that affects your environment directly
  • A public directory entry showing our current status - not a PDF from last year
  • Meaningful input into your own supply chain risk and cyber insurance position
MD / Business Owner

Trust that doesn't rely on taking our word for it.

Once we achieve the trustmark, it gives you:

  • Independent third-party verification - not self-assessment
  • Visibility if our standards ever slip - there's no quiet lapse
  • The work behind the trustmark directly protects your data, your systems, and your business continuity - and that work is already underway
  • Proof that we're doing the right things - not just telling you we are

Want to talk about what this means for your business?

Or take our free security scorecard →

We're happy to walk you through where we are on the Assurix journey and what it means for how we look after your environment.

Talk to us → Learn about Assurix