URM’s blog analyses the ICO’s enforcement action in 2025, highlighting surprising trends in its approach to enforcing compliance with data protection law.

Events

About Us

About URM

Overview

URM Core Values

Certifications

CSR

Testimonials

Partners

Our Partners

Become Partner

Subscribe to our mailing list

Governance, Risk Management and Compliance

Information Security

Internal Audit

FAQ

With ISO 27001, what do you audit against?

Organisations are required to conduct audits to provide evidence of conformance to:

The organisation’s own requirements for its ISMS
The mandatory clauses of the standard (clauses 4-10)
ISO 27001 Annex A (and other) controls which are included within the scope of the ISMS

Audits can also be aligned to processes, many of which will be been developed to meet the objectives of your ISMS and will complement the implementation of the clauses and controls of the Standard.

Contact Audit Experts Today

related BLog

No items found.

Whenever we have asked our QSA and account manager whether additional work is required outside of the annual cycle, there has never been a hard sell of any of URM’s services, and instead offer advice based on our compliance requirements and business needs.

Ambrose Neville

CISO at University of Surrey