Need to engage employees in risk assessment process As the gradual easing of lockdown continues, more and more organisations are looking at how they can open workplaces back up. Below is the downloadable poster that the UK Government recommends all employers display to show that its guidance has been followed. Top of the list – ‘we […]
We are going to explore why the focus on a risk-based approach has helped turn ISO 27001, the International Information Security Management Standard, into such a world-beater. Before we dive in, let’s set the scene and try to define what we mean by risk and risk management. What is ‘risk’? Here’s an interesting challenge. Ask […]
In 2002 when URM first started to develop and deliver information security, business continuity and risk management courses, the demise of classroom training was being strongly predicted in favour of computer-based, self-study training. Despite the doom-mongers’ predictions, 17 years later face-to-face training is still going strong. In some ways, you could argue the continuing demand for […]
In this week’s blog, we are going to look at governance. We are regularly asked, ‘what do you mean by governance?’ or, ‘is information governance the same as IT governance?’ There seems to be a lot of confusion and mispositioning of governance, its role and the different forms. In this blog, we will provide some […]
At URM, we are big advocates of adopting a risk-based approach when looking at ways in which to improve information security. The cornerstone of this is conducting a risk assessment. There are many benefits attached to conducting risk assessments, most of which are focused around business efficiency, prioritising and targeting. For example, the risk assessment […]
In our blog on risk management challenges for 2019, we referred to the perennial risk attached to suppliers, as third parties continue to be a major source of incidents. Linked to the Brexit issue, understanding the risks your suppliers face and the measures they are taking to mitigate those risks is vital. In this blog, […]
There has been a lot said and written about the risks businesses are expected to face in 2019, but less about challenges of risk management and the process itself. Here are our thoughts on what we see as the key challenges : Legislation/regulation and the impact on your risk tolerance– In 2018, we saw a […]
What is Abriska? Abriska is a web-based tool (think software as a service) with a number of modules all focused on helping organisations implement a best practice approach to managing risk. The first module we developed addressed information security risk and was followed with others looking at business continuity, supplier risk, operational risk, and action […]
One of the greatest sources of uncertainty for many UK organisations today is Brexit. It has the potential to affect all aspects of an enterprise from human resources management, finance and supply chain through to marketing, IT and information management. To establish how organisations are approaching the challenge, URM conducted an online survey with its […]
