![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/66a23982687cc22e78852ffc_Blog-Banner-ISO-9001.jpg)
5 Golden Rules for Implementing ISO 9001
URM’s blog offers advice and guidance on how to implement and maintain an ISO 9001-aligned QMS and receive the maximum benefit from your investment.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/66991ddf79f5bf7df8ffc6da_Blog-Thumb-ICO-Jun-24.jpg)
URM’s blog reviews ICO enforcement activities for the 1st half of 2024, highlighting trends & shifts in how it enforces against data protection breaches.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/6691368e9231e56779867a23_Blog-Thumb-CE-Access-Control.jpg)
URM’s blog offers advice on answering questions in the Cyber Essentials SAQ which relate to access control, admin accounts and authentication methods.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/668e89b44adde8432c2363cf_Blog-Thumb-CISMP.jpg)
URM’s blog discusses everything you need to know about the CISMP, including its benefits, who it’s suited to, the topics the CISMP covers, and more.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/66880f138965e189a7a24c21_Blog-Thumb-Oral-Reference.jpg)
URM’s blog explores a recent ECJ ruling which dictates that oral job references are covered by the GDPR.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/667d8890cf7aee7f88fcbf5a_Blog-Thumb-Pen-Test-Benefits-2.jpg)
URM’s blog outlines the key steps you can take during and after a penetration test to improve your organisation’s security posture.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/66604b5917698ed3d5151bce_Blog-Thumb-ISO42001-AIIA.jpg)
URM’s blog explores artificial intelligence impact assessments (AIIAs) and offers advice on how to conduct these assessments in full conformance with ISO 42001.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/665ffdc5b40d2f0968cb4628_Blog-Thumb-DP-Data-Analytics.jpg)
URM’s blog explores the data protection considerations for data analytics tools, and how to reap their many benefits while still maintaining GDPR compliance.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/665f17f6bf128466cbaef1d1_Blog-Thumb-PCI-DSS-TRA.jpg)
URM’s blog dissects the new PCI DSS requirements around targeted risk analysis, what they involve, and how the 2 types of TRA in the Standard differ.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/6634e5b1571c0919d3c0e295_Blog-Thumb-PCIDSS-Password.jpg)
URM’s blog drills down into the PCI DSS v4.0 requirements around forced password changes, with a particular focus on the addition of zero-trust architecture.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/6656eda6414095f89d1a4d8d_Blog-Thumb-DP-EU-Bill.jpg)
URM’s blog explores the first formal European response to the DPDI Bill, and how the Bill may jeopardise the UK’s adequacy status when it reforms the UK GDPR.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/66475c333a56527c3cec4fcc_Blog-Thumb-ISO42001.jpg)
URM’s blog explores ISO 42001, its intentions and structure, and the AI perspectives that will need to be considered by organisations implementing the Standard.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663c872e33caf2aa5ad9a1c7_Blog-Thumb-ISO27001-Pitfalls.jpg)
URM’s blog discusses the common pitfalls of the ISO 27001 implementation and certification process, and how you can avoid making the same mistakes.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc7f_Blog-Thumb-ISO27001-Audit.jpg)
URM’s blog drills down into ISO 27001 audits, offering advice on how to effectively develop and implement an ISO 27001 conformant audit programme.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc7a_Blog-Thumb-DP-and-AI.jpg)
URM’s blog discusses the data protection considerations for utilising AI technologies, and how organisations can stay GDPR compliant in their use of AI.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc7c_Blog-Thumb-PCI-DSS-Details-1.jpg)
URM’s blog explains the wording changes in Requirement of the PCI DSS v4.0, offering advice on how organisations can select and use the most appropriate NSCs.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc72_Blog-Thumb-BC-Robust-Plans.jpg)
URM’s blog discusses the key steps to take in order to develop robust and effective business continuity plans which will enable you to recover from disruption.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc6f_Blog-Thumb-CE-What-Next.jpg)
URM’s blog discusses the best next steps your organisation can take following Cyber Essentials certification to further enhance its security posture.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc6d_Blog-Thumb-Ransomware.jpg)
URM’s blog discusses how to prevent and mitigate the damage done by ransomware attacks, and how penetration testing can help your organisation avoid them.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc6b_Blog-Thumb-DPDI.jpg)
URM’s blog discusses the Data Protection and Digital Information (DPDI) Bill, how it will diverge from the current GDPR, and the impact it may have when passed.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc69_Blog-Thumb-Preparing-for-Transition-to-PCI-DSS-v4.jpg)
URM’s blog answers key questions about the practicalities of PCI DSS v4.0 transition assessments and how you can best prepare for a successful v4.0 transition.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc66_Blog-Thumb-CE-Challenges.jpg)
URM’s blog discusses common issues we see with Cyber Essentials and Cyber Essentials Plus certification projects, and how you can avoid making the same mistakes.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc61_Blog-Thumb-Enforcement-Actions.jpg)
URM’s blog breaks down which Articles of the GDPR have seen the greatest number of enforcement actions by the ICO, and which have gone largely unenforced.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc5c_Blog-Thumb-Interested-Parties.jpg)
URM’s blog provides advice and guidance on how you can meet the ISO 27001 requirements around interested parties and their needs and expectations.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc58_Blog-Thumb-ISO27001-Lessons-Learnt.jpg)
URM’s blog, produced in collaboration with BSI, discusses common mistakes we have seen in early ISO 27001:2022 transitions, and how to avoid them.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc56_Blog-Thumb-Security-Incident.jpg)
URM’s blog discusses the testing, assessments, exercises and reviews you can conduct following a cyber security incident to strengthen your security posture.
![](https://cdn.prod.website-files.com/62cfde4482857dba1f7253db/65e6e8f10965d956d5ba1f61_Blog-Thumb-Complying-with-CE-CE%2B.jpg)
URM’s blog answers key technical questions about Cyber Essentials and Cyber Essentials Plus, what’s in scope, CE compliant use of BYOD, and more.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc52_Blog-Thumb-Climate-Change.jpg)
On 22 February 2024 ISO and IAF released a joint statement relating to an amendment to a total of 31 existing Annex SL management system standards.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc50_Blog-Thumb-ISO27001-Transitioning-TImeline.jpg)
Blog, produced in collaboration with BSI, discusses the timeline for transition to ISO 27001:2022 and what you can expect from your transition assessment.
![](https://cdn.prod.website-files.com/663395d3790b636e6eefc3f0/663395d3790b636e6eefcc4a_Blog-Thumb-GDPR-Back-to-Basics.jpg)
URM’s blog explains the core principles which underpin the GDPR and outlines some key policies that can help organisations achieve and maintain compliance.
URM can offer a host of consultancy services to help you manage DSARs, DPIAs, ROPAs, privacy notices, data retention schedules and training programmes.
URM is pleased to provide a FREE 30 minute consultation on business continuity for any UK-based organisation.
URM can offer a host of consultancy services to improve your DP policies, privacy notices, DPIAs, ROPAs, data retention schedules, training programmes, etc.