
The General Data Protection Regulation (EU) 2016/679 (GDPR) is an EU regulation which came into effect on 25 May 2018 and set a new benchmark for the processing of personal data. It applies to any...

Under the UK General Data Protection Regulation (UK GDPR), the majority of organisations processing personal data are required to create and maintain a formal record of processing activities (ROPA)...

Let’s face it, there is nothing straightforward or simple about responding to a data subject access request (DSAR).

On 2 February 2022, the Information Commissioner’s Office (ICO) laid before Parliament changes around restricted international personal data transfers. The international data transfer agreement...

In this blog, we will discuss the importance of ensuring that your whole organisation can identify a DSAR, the benefits of controlling the entry points of DSARs and creating a centralised DSAR process

This blog looks at the requirement within both the DPA 2018 and the GDPR to verify the identity of an individual making a request before acting or releasing information. Our clients are regularly...

A question we are increasingly asked is ‘Is there a catch-all international standard that effectively proves external verification of data protection compliance?’ It would be great if the answer to..

The easy way (if it was available!) would be to certify to an approved UK GDPR certification scheme. The Data Protection Act 2018 gave the UK’s privacy regulator, the Information Commissioner’s...

We have seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits. In the past, assessments typically focused on..
As a long-established PCI QSA, URM is able to deliver a full PCI QSA-led audit and produce a report on compliance (RoC) as well as deliver a full QSA-led self-assessment questionnaire (SAQ)
If uncertain, URM is able to conduct a high-level GDPR gap analysis which will assist you understand your current levels of compliance and identify gaps and vulnerabilities.
Find out what you will need to carry out in order to have an effective ISO 27001 auditing function and programme