ISO 27001
What is ISO 27001?
To give it its full title, ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection — Information security management systems — Requirements’...
What is the purpose of ISO 27001?
ISO 27001 provides a standardised approach that outlines how to manage information...
How does ISO 27001 work?
ISO 27001 advocates the use of an Information Security Management System (an ISMS for short), which is...
Why does ISO 27001 matter?
There are many ways your organisation can be impacted by a failure to protect your information...
When was ISO 27001 updated?
The current version of the Standard, ISO/IEC 27001:2022 replaced the 2013...
What changes were made with ISO/IEC 27001:2022?
The major change to ISO 27001, with the publication of the 2022 version, was the incorporation...
How to get ISO 27001 certification?
In order to provide further reassurance to your stakeholders, and customers in particular...
How long does it take to implement ISO 27001?
There is no straightforward answer to this question as it depends on the size and complexity...
Is there a legal requirement to comply with or be certified to ISO 27001?
There is, generally, no direct legal requirement as such. Organisations choose...
What are the 7 mandatory clauses of ISO 27001?
The 7 mandatory clauses which you are required to comply with are clauses...
What is the difference between ISO 27001 and ISO 27002?
ISO 27002 is a supporting document that provides guidance on 93 best practice information...
Can I use Annex A as an information security controls checklist?
Many organisations use the controls listed in Annex A as a menu or checklist of best...
Why work with URM?
- We have helped over 400 organisations to becomecertified to ISO 27001 across a range of sizes and industry sectors
- 100% certification guarantee
We could quote our experience – all our consultants have at least 5 years of experience of implementing and managing ISMS’ which has enabled them to truly understand the challenges before becoming consultants.
However, whilst all of these things are important, we believe it is our approach and our passion that really sets us apart.
For URM, it is vitally important that your ISMS and ISO 27001 implementation reflects and is appropriate to your organisation. Your ISMS needs to be pragmatic and maximises everything you have in place and becomes business as usual.
Doing something simply because the Standard says so and producing a document to reflect that, will never become fully embedded in your organisation.
Added to our approach and passion is our flexibility.
We will help you in the way that suits you best – whether that is through providing advice and guidance, taking responsibility for some of the requirements such as risk assessment and policy production or providing you with an experienced individual for a period of time.
ISO 27001 overview
Never miss a thing
Stay in the loop
Please provide your contact details and we will email you with any future changes to ISO 27001 (and the implications!).
URM’s consultants have assisted over 400 organisations achieve and maintain certification to ISO 27001.
Find out more
related BLog
Information Risk Assessment and Treatment in ISO 27001
Published on
5 Jun
2025
URM’s blog explains how to conduct information security risk assessments and implement risk treatments that are both efficient and ISO 27001 conformant.
Read more
Information Security
published on
29/5/2025
Implementing Technological Controls in ISO 27001URM’s blog offers key guidance on how to effectively implement technological controls in your organisation, the common challenges & how these can be overcome.
Read more
Information Security
published on
23/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Legal, Regulatory and Contractual)URM’s blog explains the legal, regulatory & contractual controls in ISO 27001 & how they can be implemented in full conformance with the Standard.
Read more
Information Security
published on
19/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Information Security Management)URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control
Read more
"
URM have carried out our PCI DSS assessments for nearly 10 years. During that time they have shown expertise and commitment in helping us reach our goals. Last year we decided to go for Cyber Essentials Plus and had no hesitation in getting URM to assess us for that.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.