
Under the UK GDPR, the majority of organisations processing personal data are required to create and maintain a ROPAs

Let’s face it, there is nothing straightforward or simple about responding to a data subject access request (DSAR).

We discuss the importance of ensuring that your whole organisation can identify a DSAR and the benefits of controlling the entry points of DSARs.

For all of us, email can be both a blessing and a curse. On one hand you have the speed and convenience of communication....

When looking to comply with the General Data Protection Regulation (GDPR), it is always a worthwhile exercise....

We provide some questions which should help you in determining your level of compliance with the GDPR

The GDPR (EU) 2016/679 is an EU regulation which came into effect on 25 May 2018 and set a new benchmark for the processing of personal data.

On 2 February 2022, the Information Commissioner’s Office (ICO) laid before Parliament changes around restricted international personal data transfers.

We look at the requirement within both the DPA and the GDPR to verify the identity of an individual making a request before acting or releasing information

Is there a catch-all international standard that effectively proves external verification of data protection compliance?

We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.
As a CREST-accredited penetration testing organisation, URM can complete internal and external penetration tests
URM has developed a web-based learning management system, Alurna, which can be used to raise awareness of information security threats such as phishing.
As a long-established PCI QSA, URM is able to deliver a full PCI QSA-led audit and produce a report on compliance (RoC) as well as deliver a full QSA-led self-assessment questionnaire (SAQ)