
ISO 27001 is the International Standard for Information Security Management that provides any organisation, irrespective of size or sector, with a framework and an approach to protecting...

Annex A of ISO 27001 comprises 114 controls which are grouped into the following 14 control categories. Each of the 14 categories and provide you with a clear explanation of the primary objective...

For all of us, email can be both a blessing and a curse. On one hand you have the speed and convenience of communication, and on the other hand you have a significant information security risk...

The purpose of ISO 27002 is to provide organisations with guidance on selecting, implementing and managing information security controls, taking into account the organisation’s information security...

We are going to explore why the focus on a risk-based approach has helped turn ISO 27001, the International Information Security Management Standard, into such a world-beater.

Many organisations have had to adapt very quickly to the rapidly changing restrictions brought in across the globe to help combat the spread of COVID-19 and, in a lot of cases, this has meant that...

With the news often including stories regarding high-profile information security breaches, many of us find ourselves asking how we can avoid hitting the headlines for all the wrong reasons.

A key role of risk management is helping organisations decide how limited resources can be most effectively used to address the most pressing business issues, e.g., threats to information security.

Following on from COVID, working from home is now a standard working practice, but how do we go about it in a secure way? In this blog, we aim to provide 10 top tips to enable you to keep important

‘How do we approach asset identification within our information security risk assessment?’ This blog examines which assets or asset types to include and should be read...
URM can offer a host of consultancy services to improve your DP policies, privacy notices, DPIAs, ROPAs, data retention schedules and training programmes etc.
By attending URM’s online BCS Foundation Certificate in Data Protection course, you will gain valuable insights into the key aspects of current DP legislation including rights of data subjects and data controller obligations.
As a PCI QSA, URM can assist you with a range of services, including conducting gap analyses, helping you reduce your CDE scope, conducting penetration tests an