6
April 2023

URM Transitions to ISO 27001:2022

Having been certified to ISO 27001 since 2005, when the world’s foremost information security management standard was originally published, URM has now become one of the UK’s first organisations to transition to the latest version of the Standard (2022).  Lisa Dargan, Director, at URM comments “ISO 27001 has always been absolutely central to the consultancy, training services and products we offer, and we are thrilled to be one of the first to transition to the 2022 version.  Our experiences will be invaluable in helping to advise and guide others achieve a seamless transition.”

Read moreRead more
24
January 2023

Cyber Essentials Scheme Being Updated on 24 April 2023

On 23 January 2023, the National Cyber Security Centre (NCSC) published an updated set of requirements, version 3.1, for the Cyber Essentials Scheme which come into force on 24 April 2023.   Whilst the changes are described as being more light touch in comparison to the 2022 update, extra guidance and clarification is provided on compulsory and non-compulsory controls.  A significant number of clarification and guidance updates have been made to improve the user friendliness and accessibility of the Scheme.  Of greater significance to many organisations, 24 April 2023 represents the deferred date when they will need to meet the 2022 update requirements by protecting all Cloud-based user accounts with multi-factor authentication (MFA), removing or segregating all unsupported software and supporting all in-scope thin clients with security updates.

Read moreRead more
10
January 2023

URM Awarded Accreditation to the CREST OWASP Verification Standard

In November 2022, URM became one of the first companies in the UK to be awarded accreditation to the CREST OWASP Verification Standard (OVS ) to deliver both Level 1 and Level 2 Application Security Verification Standard (ASVS) and Mobile Application Security Verification Standard (MASVS) assessments for Web and mobile applications.

Read moreRead more
25
October 2022

ISO/IEC 27001:2022 Published on 25 October

On 25 October 2022, the International Organization for Standardization published the latest version of ISO 27001 and updated its title to ‘Information security, cybersecurity and privacy protection — Information security management systems — Requirements’.  In line with its title, this latest version of ISO 27001 reflects a broader context and that preventing, detecting and responding to cyberattacks is now considered, as well as protecting information and data.

The 2022 version of the Standard provides the updated requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS) within the context of your organisation.

Read moreRead more

Top Tips For Implementing an Effective ISO 27001 Information Security Management System (ISMS)

Published on:
22 May
2023

URM provides some top tips for achieving an effective and successful information security management system implementation

Read more
Thumbnail of the Blog Illustration
Business Continuity
Published on:
27/4/2023
10 Ways COVID Has Impacted Business Continuity

In this blog, we are discussing the top 10 ways in which URM believes COVID-19 has impacted, influenced or affected business continuity (BC).

Read more
Thumbnail of the Blog Illustration
Data Protection
Published on:
6/4/2023
Chatbots and Personal Data: Benefits and Risks

This blog considers at high-level various possible legal ramifications of using Chatbots, especially ChatGPT, concerned with data protection risks.

Read more
Thumbnail of the Blog Illustration
Information Security
Published on:
14/3/2023
Preparing For a PCI DSS v4.0 Assessment

URM is sharing its experiences on how the changes to the PCI DSS v4 affect the assessment process and how organisations can best prepare for the differences.

Read more
"
URM's diligence during these audits has resulted in the business as a whole pulling together to collectively ensure that we up to par with the requirements. While our working relationship with URM’s consultant is fantastic, we are held to account for every bullet point of every requirement on every audit, which is precisely what we expect. The consultant’s efforts in ensuring that our PCI compliance is audited correctly is highly appreciated, as it gives the company an accreditation that we can be proud of and that we can show off to existing and prospective customers as proof of our security posture. A huge thank you to URM for providing such a valuable service.
Open Banking Platform
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.