Updated Data Protection Laws Introduced by Chile and India
URM’s blog explores the different requirements introduced by these new laws, and the likelihood of a subsequent UK/EU adequacy decision for each nation.
URM answers key questions around data transfer impact assessments (DTIAs), providing detailed guidance on the best practice approach to conducting them.
URM explains the benefits of implementation and the applications of ISO 13485:2016, the standard for quality management for medical devices.
URM answers key questions around data protection impact assessments (DPIAs), providing detailed guidance on the best practice approach to conducting them.
Are you getting the best value out of your penetration testing? URM’s blog discusses alternative approaches to penetration testing.
URM details Clearview AI’s successful appeal against the ICO imposing a £7.5 million fine for breach of the UK GDPR and their grounds for reversing the ruling.
URM provides detailed guidance on how to conduct a business impact analysis (BIA) and ensure your business continuity plans are based on a solid foundation.
Meeting the new payment page requirements in PCI DSS v4.0 may seem tricky. URM provides detailed guidance on implementation and effective payment page security.
Everything you need to know about PCI DSS v4.0: With a particular focus on some of the more challenging requirements such as MFA and payment page scripts.
Transitioning to PCI DSS v4.0 sooner rather than later has its advantages and disadvantages. In this article, URM explores both sides of the argument.
If your organisation is looking to transition to ISO 27001:2022, URM’s blog provides practical and invaluable guidance on meeting the new requirements.
Some organisations are using artificial intelligence (AI) to help respond to DSARs. But can AI provide a full and robust solution?
The consequences of unauthorised access are varied. Apart from financial losses, there is a loss of customer confidence. Can penetration testing prevent this?
We are answering questions: what is a GDPR DSAR, what information can a data subject request, what should you do when you receive a DSAR, and many more.
The 3rd part of a question and answer session where URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
The 2nd part of a question and answer session where URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
URM delivered a question and answer session where it compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.
URM provides some top tips for achieving an effective and successful information security management system implementation.
In this blog, we are discussing the top 10 ways in which URM believes COVID-19 has impacted, influenced or affected business continuity (BC).
This blog considers, at a high level, various possible legal ramifications of using chatbots, especially ChatGPT, with regard to data protection risks.
URM is sharing its experiences on how the changes to the PCI DSS v4 affect the assessment process and how organisations can best prepare for the differences.
After the recent changes to PCI DSS v4.0, we're examining the factors behind the greater utilisation of MFA, and what the key changes are in the requirements.
When looking to comply with the General Data Protection Regulation (GDPR), it is always a worthwhile exercise....
On 23 January 2023, NCSC published an updated set of requirements, v.3.1 for the Cyber Essentials scheme....
Following the publication of ISO/IEC 27001:2022 on 25 October 2022, this blog will provide you with our high-level analysis of the key changes.
For all of us, email can be both a blessing and a curse. On one hand you have the speed and convenience of communication....
We are hearing a lot about phishing and phishing attacks currently so, in this blog, we will take a step back....
Almost all organisations that implement the Payment Card Industry Data Security Standard (PCI DSS) struggle with the scope of the applicability....
In this blog, we address one of the big questions facing organisations which accept payment cards....
In recent blogs, we have focused on how best to ensure you comply with the PCI Data Security Standard....
While it’s one of the areas that IT and security departments find challenging, documentation (and compliant evidence)....
URM can offer a range of support services when applying for Cyber Essentials Certification. Check our offer!
As a long-established PCI QSA, URM is able to deliver a full PCI QSA-led audit and produce a report on compliance (RoC) as well as deliver a full QSA-led self-assessment questionnaire (SAQ).
If you are looking for reassurance when applying for certification, use our Cyber Essentials Application Review Service.