CMMC Assessment
URM has a 17-year track record of providing high quality consultancy and training support, assisting organisations improve their information and cyber security, as well as information governance posture and capabilities. A particular niche skill is helping organisations to conform or certify to ‘best practice’ international (IS) standards, such as SOC 2, CMMC and ISO 27001. Having assisted over 400 organisations to achieve world recognised standards, URM has worked with organisations of all sizes from micro businesses to multi-national organisations and from all the major market sectors.
Get in touch
Please note, we can only process business email addresses.
Why URM for CMMC?
Track record
URM has a 17-year track record of providing high quality consultancy and training support, assisting organisations improve their information and cyber security, as well as information governance posture and capabilities. A particular niche skill is helping organisations to conform or certify to ‘best practice’ international (IS) standards, such as SOC 2, CMMC and ISO 27001. Having assisted over 400 organisations to achieve world recognised standards, URM has worked with organisations of all sizes from micro businesses to multi-national organisations and from all the major market sectors.
Tailored approach
URM is renowned for adopting a highly tailored and bespoke service, where its consultants are constantly striving to deliver sustainable solutions that meet both the current and future needs of the client organisation.
Flexible delivery
When transferring knowledge on meeting the requirements of CMMC URM can deliver this through various delivery mechanisms, i.e., through one-to-one support, workshops or training courses. Furthermore, when delivering remediation services to address gaps, URM’s support is tailored and flexible, based on the client’s requirements, internal knowledge and available resources. Support can be delivered on an activity-per-activity basis or where a consultant is allocated on a recurring basis, e.g., 1 day a week Such an engagement helps to ensure that remediation activities are followed through, remain compliant and that sufficient evidence for the audit is generated.
ISO 27001:2022 - A.5 Organisational Controls (Legal, Regulatory and Contractual)
URM’s blog explains the legal, regulatory & contractual controls in ISO 27001 & how they can be implemented in full conformance with the Standard.
URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control
URM’s blog explores why the access controls in ISO 27001 matter, and how to implement each control in full conformance with both the Standard and best practice.
URM’s blog explains the importance of the 5 supplier management controls in ISO 27001 & provides practical guidance on how to implement each control.