Governance, Risk Management and Compliance
|
Information Security
|
ISO 27001
|
ISO 27001
FAQ
FAQ

Why does ISO 27001 matter?

There are many ways your organisation can be impacted by a failure to protect your information and the consequences can be catastrophic.  
For example, in Europe, a failure to protect the personally identifiable information (PII) of your employees or customers could result in your organisation being prosecuted under the General Data Protection Regulation (GDPR).  
This carries with it fines of up to 4% of global turnover, or 20 million Euros, whichever is the higher.  
If a failure to protect information becomes public knowledge, it can also lead to negative publicity in traditional or social media, resulting in significant brand and reputational damage and impacting your organisation’s ability to generate revenue.
Implementing an ISMS based upon ISO 27001 will help you to identify where your greatest risks are and for you to deal with them appropriately, and reduce the likelihood of significant impacts occurring.  This will reassure your stakeholders that information security risk is being managed effectively.

The webinar 'was very engaging and informative - thank you!
Contact the ISO 27001 Experts Today
Book FREE Consultation
URM is pleased to provide a FREE consultation on Transitioning to ISO 27001:2022 for any UK-based organisation.
Find out more
related BLog
Governance, Risk Management and Compliance
|
Information Security
|
ISO 27001

Information Risk Assessment and Treatment in ISO 27001

Published on
5 Jun
2025

URM’s blog explains how to conduct information security risk assessments and implement risk treatments that are both efficient and ISO 27001 conformant.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on
29/5/2025
Implementing Technological Controls in ISO 27001

URM’s blog offers key guidance on how to effectively implement technological controls in your organisation, the common challenges & how these can be overcome.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on
23/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Legal, Regulatory and Contractual)

URM’s blog explains the legal, regulatory & contractual controls in ISO 27001 & how they can be implemented in full conformance with the Standard.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on
19/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Information Security Management)

URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control

Read more
"
URM have carried out our PCI DSS assessments for nearly 10 years. During that time they have shown expertise and commitment in helping us reach our goals. Last year we decided to go for Cyber Essentials Plus and had no hesitation in getting URM to assess us for that.
Ctalk
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.