Annex A

ISO 27001 vs SOC 2 - Part 3
Latest update: 12 Jul 2023

The 3rd part of a question and answer session in which URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.

ISO 27001 vs SOC 2 - Part 2
Latest update: 10 Jul 2023

The 2nd part of a question and answer session in which URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.

ISO 27001 vs SOC 2 - Part 1
Latest update: 10 Jul 2023

URM delivered a question and answer session where it compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.

Information Security
Updated: 2/3/2023
ISO/IEC 27001:2022 Key Changes

Following the publication of ISO/IEC 27001:2022 on 25 October 2022, this blog will provide you with our high-level analysis of the key changes.

Data Protection
Updated: 21/2/2023
Are you adequately covering GDPR within your ISMS?

We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.

Information Security
Updated: 21/2/2023
ISO 27002:2022 Update

The purpose of ISO 27002 is to provide organisations with guidance on selecting, implementing and managing information security controls.

Information Security
Updated: 21/2/2023
What are the Primary Objectives of the Controls Detailed in Annex A of ISO 27001:2013?  

Annex A of ISO 27001 comprises 114 controls which are grouped into the following 14 control categories.

Information Security
Updated: 21/2/2023
5 Common Fallacies Associated with ISO 27001 Certification

There are many good reasons to implement an information security management system (ISMS) and get it certified to ISO 27001.

Information Security
Updated: 21/2/2023
How Do You Meet the Asset Management Requirements of ISO 27001?

In order to meet the requirements of ‘Asset management’ A.8 from Annex A of ISO 27001, it is necessary to identify organisational assets and define protection

Information Security
Updated: 21/2/2023
Key Things You Should Know About ISO 27001

ISO 27001 is a standard for Information Security Management that provides any organisation with a framework to protect its most valuable assets.

Information Security
Updated: 15/2/2023
Should You Start Your ISO 27001 Programme with a Gap Analysis or a Risk Assessment?

The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when.

"Having never gone through the Cyber Essentials Plus process on behalf of a client, I was very impressed with how the process went on testing day and I can't wait to take other clients through the process with URM."