February 2019

  • 6

    How can URM help you to achieve PCI compliance and what is our approach?

    In our previous blog, we looked at where your PCI compliance journey starts.  The first step is understanding the flow of your payment card data – by that we mean where payment card information comes into your organisation, where it goes, who it is shared with, what systems and components it touches, where it is […]

  • 2

    Tips from URM – Are you adequately covering GDPR within your ISMS?

    We have recently seen an increased focus on the General Data Protection Regulation (GDPR) by certification body (CB) assessors when conducting ISO 27001 audits.  In the past, assessments have typically focused on whether organisations were registered with the Information Commissioner’s Office (ICO), whether they were complying with ‘Privacy and protection of personally identifiable information’ (ISO […]

  • 5

    What is PCI and how do you achieve compliance for your business?

    Achieve PCI DSS compliance for your business! So, let’s take a step back and define what PCI is. The Payment Card Industry Data Security Standard, referred to as PCI DSS or quite simply PCI, was developed by the founding payment brands of the PCI Security Standards Council (SSC), including MasterCard Worldwide, Visa International, American Express, […]

  • 1

    Tips from URM – Think ‘Context’ When Managing Information Risks

    A common failing that we often see when organisations perform risk management is a lack of ‘complete’ understanding of the potential impacts of an information security breach from both internal and external perspectives, i.e. not fully understanding the context of the organisation.  You need to be thinking of risks from the perspective of all stakeholders, […]