Latest News Archives - Page 3 of 10 - URM
  • URM changes its name!

    Since 2005, URM has provided consultancy and related services in the areas of information security, data protection, business continuity and risk management.  and through our branding we are predominately known as URM and, as such, have changed our registered name from Ultima Risk Management Limited to URM Consulting Services Limited. The change of name was in […]

  • What’s the difference between a certified and a compliant ISO 27001 Infosec management system?, ISO 27001 Certified VS Compliant | Differences and Benefits, services, compliance, iso data, iso 27001, iso certification, iso compliance, iso audit, iso 27001 certification, iso 27001 certification, iso 27001, iso data, iso compliance, blog, urm consulting services, urm blog, urm expertiese, urm iso 27001 blog, isms


    What’s the difference between a certified and a compliant ISO 27001 Infosec management system? This is the question of the week,  what is the difference between a certified and a compliant ISO 27001 management system? There is some confusion about the difference between having an information security management system (ISMS) which is certified to ISO […]

  • Security breaches - How do we protect ourselves?, information security, cyber security, information security breach, cyber security breach, security breach, cyber sec breach, infosec breach, capita breach, capita infosec breach, capita, information ecurity blog, breach blog, urm consulting, urm consulting and training provider

    Security breaches – How do we protect ourselves?

    In recent weeks the news has, once again, been peppered with high-profile information security breaches. Many of us find ourselves asking, how do we avoid hitting the headlines for the wrong reasons? This week’s top tip looks at where to start. Avoiding security breaches is not the responsibility of a single individual, irrespective of technical […]

  • information security controls you should implement, infosec, information security, ISO 27001, International Standards

    Tips from URM – What dictates which information security controls you should implement?

    The information security controls that all organisations need to implement are heavily dependent on the information being stored, processed or transmitted and the purpose of the processing.  For example, whilst regular penetration testing may be appropriate for some organisations, it may not be required for others.   This is where risk management kicks in.  Best practice dictates that you need to identify the risks that your organisation faces before proceeding with the implementation of appropriate controls to reduce these risks to a level which is acceptable to your stakeholders.  Risk appetite will typically be defined by directors, shareholders or regulators along […]

  • Data Transfer, gdpr, data protection , information security, infosec,, infosecurity

    Data Transfer – Are Standard Contractual Clauses Sufficient?

    Are Standard Contractual Clauses Sufficient? This week’s top tip looks at a very specific area of GDPR – Article 28 to be precise and data transfer outside of the EEA. One of the ways in which you can legitimise an ex-EEA data transfer is by using the standard contractual clauses (SCCs). Article 28 mandates a […]

  • Quick and simple BC exercises, practica advice with regards to Business Continuity , ISO 22301 ISO International Standard, , top tip,

    Tips from URM – Quick and simple BC exercises

    In a previous blog we looked at the different types of exercise you can utilise to validate your business continuity approach.  This week’s top tip focuses on the desk check and facilitated discussion. At the simplest level, within any good business continuity (BC) exercise programme, lie the following two types of exercise: A sense check […]

  • ICO fines BA £183m fines can be levied for administrative and governance failures, not just data security breaches. Are you doing enough in reviewing and implementing appropriate information security and privacy management controls to limit the potential impact to your organisation?

    Tips from URM – Reviewing and Implementing Management Controls

    ICO fines BA £183m There are enough articles out there regurgitating the news about the BA data breach which we aren’t going to repeat.  For us the message is simple, and let’s make no bones about it, the Commissioner has enhanced powers under DPA 18/GDPR and clearly intends to use them. Prior to this fine, […]