URM's Consultancy Services
Ultima Risk Management (URM) is one of the UK's leading consultancies specialising in the areas of information security (ISO 27001 and PCI DSS) and governance, business continuity (BS 25999), risk management and data protection. The central tenet of URM's consultative approach is to ensure that all of its services are always 'guaranteed, tailored, appropriate, sustainable and balanced'.
ISO 27001 Certification (Guaranteed success!) and Compliance
URM offers a complete package of services relating to compliance and certification to ISO 27001, the leading International Standard for Information Security. URM’s services come with a 100% certification guarantee. These services include the identification and valuation of assets, conducting risk assessments, the development and implementation of risk treatment plans and the development of information security management systems (ISMS), including policies, processes, audits and security awareness programmes.
BS 25999/ISO 22301 Certification (Guaranteed success!) and Compliance
BS 25999-2 was the first ever Standard to be developed for business continuity management (BCM) and was released in November 2007. On 16 May 2012, an International Standard ISO 22301:2012 (ISO 22301) 'Societal security – Business continuity management systems – Requirements' was launched. This Standard will effectively replace BS 25999 as the UK National Standard when the latter is withdrawn on 1 November 2012. A transition programme will be implemented which will effectively last 2 years with no BS 25999 certificates being issued after 2014. It is anticipated that certification to ISO 22301 will be available from late 2012/early 2013, including transition assessments for those organisations already certified to BS 25999.
Having been involved as the selected experts in the pilot BS 25999 certification projects and numerous successful projects since, URM can provide a 100% guarantee of certification, and that any solution implemented will be appropriate and sustainable and will enhance the organisation’s business resilience. URM is adept at providing advice and guidance on all stages of the BCM lifecycle, from conducting a business impact analysis and risk assessment through to developing strategies and the implementation and testing of business continuity plans.
Payment Card Industry - Data Security Standard (PCI-DSS)
PCI DSS was developed by the founding payment brands of the PCI Security Standards Council to enforce consistent data security measures on organisations which process credit card transactions, for the protection of card data. URM is a Qualified Security Assessor (QSA), which means that it has been certified by the Payment Card Industry Security Standards Council (PCI SSC) to assess organisations' compliance with the PCI Data Security Standard (DSS). Details of URM's assessment services can be found here. A separate team of URM's consultants can also assist organisations to comply with PCI DSS. Typically this will involve conducting a gap analysis against the twelve requirements and then assisting with remediation activities in order to ensure full compliance.
Data Protection Consultancy
The issue of data leakage, particularly of personal data, is one that continues to challenge both public and private sector organisations. URM's consultants have extensive experience in advising organisations how best to secure personal data and to comply with the Data Protection Act (DPA). URM's data protection services take a pragmatic approach to assisting organisations to assess their level of compliance and to achieve it.
URM's consultants have vast experience of all aspects of information security, business continuity, PCI DSS and data protection compliance. Each consultant has spent a considerable number of years working in both the user community and external consultancies delivering successful projects that provide business benefit to organisations.
