What is ISO 27001?

To give it its full title, ISO/IEC 27001:2022 ‘Information security, cybersecurity and privacy protection — Information security management systems — Requirements’...

What is the purpose of ISO 27001?

ISO 27001 provides a standardised approach that outlines how to manage information...

How does ISO 27001 work?

ISO 27001 advocates the use of an Information Security Management System (an ISMS for short), which is...

Why does ISO 27001 matter?

There are many ways your organisation can be impacted by a failure to protect your information...

When was ISO 27001 updated?

The current version of the Standard, ISO/IEC 27001:2022, replaced the 2013...

What changes were made with ISO/IEC 27001:2022?

The major change to ISO 27001, with the publication of the 2022 version, was the incorporation...

How to get ISO 27001 certification?

In order to provide further reassurance to your stakeholders, and customers in particular...

How long does it take to implement ISO 27001?

There is no straightforward answer to this question as it depends on the size and complexity...

Is there a legal requirement to comply with or be certified to ISO 27001?

There is, generally, no direct legal requirement as such.  Organisations choose...

What are the 7 mandatory clauses of ISO 27001?

The 7 mandatory clauses which you are required to comply with are clauses...

What is the difference between ISO 27001 and ISO 27002?

ISO 27002 is a supporting document that provides guidance on 93 best practice information...

Can I use Annex A as an information security controls checklist?

Many organisations use the controls listed in Annex A as a menu or checklist of best...

Why work with URM?

  • We have helped over 400 organisations to become certified to ISO 27001 across a range of sizes and industry sectors
  • 100% certification guarantee

We could quote our experience – all our consultants have at least 5 years of experience of implementing and managing ISMSs, which has enabled them to truly understand the challenges before becoming consultants.

However, whilst all of these things are important, we believe it is our approach and our passion that really sets us apart.

For URM, it is vitally important that your ISMS and ISO 27001 implementation reflects and is appropriate to your organisation. Your ISMS needs to be pragmatic, maximise everything you have in place and become business as usual.

Doing something simply because the Standard says so, and producing a document to reflect that, will never become fully embedded in your organisation.

Added to our approach and passion is our flexibility.  

We will help you in the way that suits you best – whether that is through providing advice and guidance, taking responsibility for some of the requirements such as risk assessment and policy production or providing you with an experienced individual for a period of time.

ISO 27001:2022 - A.5 Organisational Controls (Supplier Management)

Published on 27 Jun 2025

URM’s blog explains the importance of the 5 supplier management controls in ISO 27001 and provides practical guidance on how to implement each control.

ISO 27001:2022 - A.5 Organisational Controls (Access Management)

Information Security, published on 27/6/2025

URM’s blog explores why the access controls in ISO 27001 matter, and how to implement each control in full conformance with both the Standard and best practice.

ISO 27001:2022 - A.5 Organisational Controls (Information Security Management)

Information Security, published on 27/6/2025

URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control.

Information Risk Assessment and Treatment in ISO 27001

Information Security, published on 5/6/2025

URM’s blog explains how to conduct information security risk assessments and implement risk treatments that are both efficient and ISO 27001 conformant.

I found the course very informative, and the trainer was communicative, supportive and engaging. He is very skilled at adapting to the different types of people and transferring knowledge in a way that sticks with attendees; he delivered the same training over 2 years ago and I still remember the things he taught us. We will definitely be recommending him to other businesses that want to learn about ISO standards. Definitely a great asset to the company.