Access Assemble

Volunteer compliance, built on secure foundations

Your volunteer compliance goes beyond policies - it starts with secure systems

Backed by ISO 27001:2022 certification, Access Assemble combines enterprise-grade security with resilient cloud infrastructure. Secure AWS hosting, controlled access and independent testing work quietly in the background to strengthen your volunteer compliance - and protect the people and data that matter most.

Take a product tour Schedule your live demo

Strengthen volunteer compliance

Built on certified security standards and structured governance.

Reduce organisational risk

Controlled access, monitored infrastructure and independent testing.

Demonstrated accountability

Externally assessed ISO certification and recognised UK accreditations.

Procure with confidence

G-Cloud listed and aligned to public-sector security expectations.

Certified. Assessed. Accountable.

The Access Group maintains recognised, externally validated standards to support your volunteer compliance:

ISO 27001:2022 certification, assessed by UKAS-accredited Alcumus ISOQAR
Cyber Essentials accreditation
Registered with the Information Commissioner’s Office (ICO), Registration No: Z9806829
Listed on the Government G-Cloud Framework - this framework lists trusted providers of technology for digital projects in the public sector.

These certifications apply across Access products, including Access Assemble, ensuring your volunteer data sits within a safe, independently verified security framework.

Protection in practice

Resilient cloud foundations

Secure infrastructure & hosting

Access Assemble is hosted on Amazon Web Services (AWS):

The majority of customers are hosted within EU-based AWS infrastructure, with others hosted in the UK and Australia.

Security controls include:

Segmented cloud environments
Network access controls
Encryption in transit using HTTPS and TLS
Encryption at rest

AWS data centres provide strict physical access controls, environmental safeguards and continuous infrastructure monitoring.

The right access, by design

Controls & platform safeguards

Volunteer compliance requires careful control of who can access sensitive data. To support this, Access Assemble includes:

Role-based user permissions
Configurable access controls
Secure HTTPS platform access
Two-factor authentication (2FA) options
Audit logging of system activity
Single Sign-On (SSO) integration

Access rights are aligned with responsibility, reducing internal risk and strengthening oversight.

Continuously monitored, regularly tested

Monitoring, testing & resilience

Preparedness is built in, not added later.

The Access Group operates:

Ongoing system monitoring
Threat detection controls
Activity logging and auditing
Independent security testing

Penetration testing is conducted by qualified third parties who hold CREST and CHECK credentials, with findings formally assessed and shared with Assemble management. Next? Assemble’s Security Team reviews and prioritises the reported findings, and tracks them to resolution.
We also maintain structured business continuity and disaster recovery planning, with regular resilience testing to support continuity.

System status and uptime information is publicly available – take a look: https://npe-theaccessgroup.statushub.io/

Security is everyone’s responsibility

Strong safeguards start with strong habits

Volunteer compliance is supported not just by systems, but by people. Alongside dedicated security and compliance specialists, everyone at Access shares responsibility for protecting customer data.

All colleagues are required to follow our Information Security Policy, agree to confidentiality terms, complete background screening and undertake security training before being granted system access.

Serious about your security

View pricing Get in touch

FAQs

What does volunteer compliance mean in the context of Access Assemble?

Volunteer compliance refers to the secure management of volunteer data, supported by recognised security standards, controlled access and governance frameworks that protect sensitive information.

Is Access Assemble ISO certified?

Yes! The Access Group holds ISO 27001:2022 certification, assessed by UKAS-accredited Alcumus ISOQAR. This applies across relevant Access products, including Assemble.

Does Access hold Cyber Essentials accreditation?

Yes! The Access Group is Cyber Essentials accredited, demonstrating protection against common cyber threats.

Does Access Assemble support Single Sign-On (SSO)?

Yes! Access Assemble supports SSO integration, enabling your charity to align user access with existing identity management systems and strengthen security controls.

This helps to reduce password fatigue, improve access control and support stronger volunteer compliance across staff and volunteer users.

Where can I check system status?

Real-time status and uptime information is available at: https://npe-theaccessgroup.statushub.io/

Why is security so important to volunteer compliance?

From contact details to safeguarding records, volunteer compliance depends on protecting sensitive information. Strong security helps prevent data breaches, unauthorised access and operational disruption.

When your systems are secure, you protect not only volunteer data, but also your organisation’s reputation, regulatory standing and the trust your volunteers place in you. In short, security is not separate from volunteer compliance, it’s what makes it possible.

How do I ask a question?

Easy – get in touch! We’ll be able to talk you through the security features of Access Assemble, and anything else you’d like to know.