Recent posts on
Annex A
ISO 27001 vs SOC 2 - Part 3
Latest update:
12 Jul
2023
3rd part of question and answer session where URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
Read more
ISO 27001 vs SOC 2 - Part 2
Latest update:
10 Jul
2023
2nd part of question and answer session where URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
Read more
ISO 27001 vs SOC 2 - Part 1
Latest update:
10 Jul
2023
URM delivered a question and answer session where it compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
Read more
Information Security
updateD:
2/3/2023
ISO/IEC 27001:2022 Key ChangesFollowing the publication of ISO/IEC 27001:2022 on 25 October 2022, this blog will provide you with our high-level analysis of the key changes.
Data Protection
updateD:
21/2/2023
Are you adequately covering GDPR within your ISMS?We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.
Information Security
updateD:
21/2/2023
ISO 27002:2022 UpdateThe purpose of ISO 27002 is to provide organisations with guidance on selecting, implementing and managing information security controls.
Information Security
updateD:
21/2/2023
What are the Primary Objectives of the Controls Detailed in Annex A of ISO 27001:2013? Annex A of ISO 27001 comprises 114 controls which are grouped into the following 14 control categories.
Information Security
updateD:
21/2/2023
5 Common Fallacies Associated with ISO 27001 CertificationThere are many good reasons to implement an information security management system (ISMS) and get it certified to ISO 27001.
Information Security
updateD:
21/2/2023
How Do You Meet the Asset Management Requirements of IS0 27001?In order to meet the requirements of ‘Asset management’ A.8 from Annex A of ISO 27001, it is necessary to identify organisational assets and define protection
Information Security
updateD:
21/2/2023
Key Things You Should Know About ISO 27001ISO 27001 is a standard for Information Security Management that provides any organisation with a framework to protect most valuable assets.
Information Security
updateD:
15/2/2023
Should You Start Your ISO 27001 Programme with a Gap Analysis or a Risk Assessment?The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when.
URM regularly holds FREE seminars on implementing ISO 27001.
Find out more
How URM can help?
Consultancy
Do you need help preparing for and conducting internal ISO 27001 audits?
URM can help you with ISO 27001 audit
Read more
Consultancy
Are you looking for help preparing for a PCI DSS assessment?
As a PCI QSA, URM can assist you with a range of services, including conducting gap analyses, helping you reduce your CDE scope and conducting penetration tests.
Read more
Consultancy
Rapid Penetration Test Quote
Do you need support in meeting your annual PCI DSS penetration testing requirements? CREST-accredited URM can complete internal and external penetration tests for your organisation.
Read more
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.
