Our information security and business continuity consultants are renowned for their knowledge transfer skills.
Tips from URM – What’s the difference between a certified and a compliant ISO 27001 management system?
This is the question of the week: what is the difference between a certified and a compliant ISO 27001 management system? There is some confusion about the difference between having an information security management system (ISMS) which is certified to ISO 27001 and one which is compliant or aligned to the Standard. This week’s top […]
This week’s top tip looks at the requirement within both the DPA 2018 and the GDPR to verify the identity of an individual making a request before acting or releasing information. Our clients are regularly raising questions and concerns with our consultants along the lines of ‘what do I need to do?’ Let’s start by […]
Latest Blog Posts
This week’s blog tackles the question of storing cardholder data and why the Payment Card Industry Data Security Standard (PCI DSS) is so beneficial. Fundamentally, it is very clear on this topic – if you don’t need it, don’t store it. Furthermore, if you do need it, make sure that you know everywhere it is […]
Definition With this week’s blog, the spotlight turns to internal audit and specifically in the context of ISO 27001, the International Standard for Information Security Management. We will step right back and look at internal auditing from the perspective of those new to the subject or those trying to understand where and why it fits. […]
Whitepapers provide you with URM’s perspective and insights on topical and challenging issues. Our opinions are independently formed and heavily influenced by our extensive practical experiences of what has worked and not worked across a range of different scenarios and organisations.