URM’s blog explains how organisations can unintentionally and without realising fall into scope of the PCI DSS, despite not directly handling card data.

Events

About Us

About URM

Overview

URM Core Values

Certifications

CSR

Testimonials

Partners

Our Partners

Become Partner

Subscribe to our mailing list

Governance, Risk Management and Compliance

Information Security

Internal Audit

FAQ

Who are the typical auditees in an ISO 27001 internal audit?

During an internal audit, an auditor will need to speak to people at different levels and authorities within the business - such as:

The person who has overall accountability for the process, system or control
The person who conducts the process on a day-to-day basis
If auditing the awareness of employees, a random sampling of employees, chosen by the auditor, from different areas of the organisation will be needed

Contact Audit Experts Today

related BLog

No items found.

URM's diligence during these audits has resulted in the business as a whole pulling together to collectively ensure that we up to par with the requirements. While our working relationship with URM’s consultant is fantastic, we are held to account for every bullet point of every requirement on every audit, which is precisely what we expect.

Paul Stevens, Token

Open Banking Platform