URM is proud to announce its involvement in the UK’s first ever accredited certification to ISO 27001:2013. URM assisted a large telecommunications organisation in successfully transitioning from ISO 27001:2005 to ISO 27001 in January 2014.
URM’s involvement in the transition project included:
- Conducting an updated information risk assessment. This included mapping the 2005 controls to the 2013 controls, assessing all new or changed controls against the requirements of the 2013 Standard, considering additional relevant, up-to-date and appropriate controls, and generating a new risk treatment plan (RTP). All of this was done using Abriska, URM’s ISO 27001:2013-compliant risk assessment tool.
- Reviewing information security aspects of supplier relationships and business continuity.
- Implementing more targeted security metrics and measurements and improving performance evaluation.
- Attending assessment visits and addressing queries from certification body (CB) assessors.