Top Tips Archives - Page 2 of 4 - URM
  • Security breaches – How do we protect ourselves?

    In recent weeks the news has, once again, been peppered with high-profile information security breaches. Many of us find ourselves asking, how do we avoid hitting the headlines for the wrong reasons? This week’s top tip looks at where to start. Avoiding security breaches is not the responsibility of a single individual, irrespective of technical […]

  • Tips from URM – What dictates which information security controls you should implement?

    The information security controls that all organisations need to implement are heavily dependent on the information being stored, processed or transmitted and the purpose of the processing.  For example, whilst regular penetration testing may be appropriate for some organisations, it may not be required for others.   This is where risk management kicks in.  Best practice dictates that you need to identify the risks that your organisation faces before proceeding with the implementation of appropriate controls to reduce these risks to a level which is acceptable to your stakeholders.  Risk appetite will typically be defined by directors, shareholders or regulators along […]

  • Data Transfer – Are Standard Contractual Clauses Sufficient?

    Are Standard Contractual Clauses Sufficient? This week’s top tip looks at a very specific area of GDPR – Article 28 to be precise – and data transfer outside of the EEA. One of the ways in which you can legitimise an ex-EEA data transfer is by using the standard contractual clauses (SCCs). Article 28 mandates a […]

  • Tips from URM – Quick and simple BC exercises

    In a previous blog we looked at the different types of exercise you can utilise to validate your business continuity approach.  This week’s top tip focuses on the desk check and facilitated discussion. At the simplest level, within any good business continuity (BC) exercise programme, lie the following two types of exercise: A sense check […]

  • ICO fines BA £183m. Fines can be levied for administrative and governance failures, not just data security breaches. Are you doing enough in reviewing and implementing appropriate information security and privacy management controls to limit the potential impact to your organisation?

    Tips from URM – Reviewing and Implementing Management Controls

    ICO fines BA £183m. There are enough articles out there regurgitating the news about the BA data breach, which we aren’t going to repeat. For us the message is simple, and let’s make no bones about it: the Commissioner has enhanced powers under DPA 18/GDPR and clearly intends to use them. Prior to this fine, […]

  • Data Protection – What is the current focus?

    This week’s top tip focuses on data protection and the value of the information you can find on the Information Commissioner’s Office (ICO) website. There is a wealth of information available on the ICO’s website; however, probably one of the most visited areas is ‘Action We’ve Taken’. In particular, the enforcement notices, audits, advisory visits […]

  • Tips from URM | Expect the Unexpected – But have you Planned for the Unexpected?

    Have you Planned for the Unexpected? This week’s top tip reflects on the prevalent theme of ‘uncertainty’. Whether it be the general backdrop of political uncertainty that has dominated our lives since 23 June 2016, the vexing Tory leadership race as we wait to see who will be our next Prime Minister or the unpredictability […]

  • Cyber / Information Security / Business Continuity management – Continuous Improvement, What next?

    Continuous Improvement, What next? This week’s top tip focuses on where to seek information and highlights a recently released report which contains useful and valuable information. A fundamental expectation of all ‘best practice’ ISO management systems is the requirement for a programme of continuous improvement.  There is often a danger within all organisations that programmes can […]