Home
>
Blogs
BLOGs

Blogs

categories
ASV Scanning
Azure Configuration Review
Business Impact Analysis
Business-led
CIS Benchmarking
CMMC
Cloud Testing
Cyber Essentials
Cyber Essentials Plus
DORA
DPA
DSAR Redaction
GC RTS
GDPR
ISO 13485
ISO 20000
ISO 22301
ISO 27001
ISO 27701
ISO 31000
ISO 42001
ISO 9001
Infrastructure Testing
Infrastructure Vulnerability Scanning
Integrating Management Systems
Mobile App Testing
NIST
PCI DSS 
Penetration Testing
Phishing Exercises
SOC 2
SWIFT CSP
Virtual DPO
Web Application and API Testing
Abriska 19011
Abriska 22301
Abriska 27001
Abriska 27036
Abriska 31000
Alurna
Artificial Intelligence
Business Continuity
CDP
CISMP
Cyber Essentials
Cyber Security
DPIA
DSAR
DTIA
Data Protection
Enterprise Risk
ISO 27001:2022 Transition
ISO 27002 Control Migration
IT Service Management
Information Security
Integrated Management Systems
Internal Audit
Introduction to ISO 27001
Introduction to ISO 42001
Management Systems and Integration
Other Standards
PCBCM
PCIRM
Penetration Testing
Products
Quality Standards
SAM
Security Awareness Training
Seminar
Social Engineering
Training
Vulnerability Scanning
Webinar
Recent posts
Governance, Risk Management and Compliance
|
Information Security
|
ISO 27701

ISO 27001:2022 Annex A Physical Controls

Wayne Armstrong
|
Senior Information Security Consultant and Consultant Manager at URM
Frazer Grudgings
|
Senior Consultant at URM
Published on
27
March
2025

URM’s blog offers key advice on implementing the physical controls in Annex A of ISO 27001 and preparing for a successful physical controls audit.

Read more
Information Security
Published on
3/7/2023
ISO 27001 vs SOC 2 - Part 2

2nd part of question and answer session where URM compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.

Read more
Information Security
Published on
21/6/2023
ISO 27001 vs SOC 2 - Part 1

URM delivered a question and answer session where it compared and contrasted 2 of the world’s leading information security standards, ISO 27001 and SOC 2.

Read more
Information Security
Published on
22/5/2023
Wayne Armstrong
Top Tips For Implementing an Effective ISO 27001 Information Security Management System (ISMS)

URM provides some top tips for achieving an effective and successful information security management system implementation

Read more
Business Continuity
Published on
27/4/2023
Phillip Knight
10 Ways COVID Has Impacted Business Continuity

In this blog, we are discussing the top 10 ways in which URM believes COVID-19 has impacted, influenced or affected business continuity (BC).

Read more
Data Protection
Published on
6/4/2023
Stuart Skelly
Chatbots and Personal Data: Benefits and Risks

This blog considers at high-level various possible legal ramifications of using Chatbots, especially ChatGPT, concerned with data protection risks.

Read more
Information Security
Published on
14/3/2023
Alastair Stewart
Preparing For a PCI DSS v4.0 Assessment

URM is sharing its experiences on how the changes to the PCI DSS v4 affect the assessment process and how organisations can best prepare for the differences.

Read more
Information Security
Published on
15/2/2023
Alastair Stewart
PCI DSS v4.0 and Multi-Factor Authentication

After the recent changes to PCI DSS v4.0 we're examining factors behind the greater utilisation of MFA, and what the key changes are in requirements.

Read more
Data Protection
Published on
6/2/2023
Stuart Skelly
Analysis of Fines Imposed by the Information Commissioner’s Office in 2022

When looking to comply with the General Data Protection Regulation (GDPR), it is always a worthwhile exercise....

Read more
Cyber Security
Published on
24/1/2023
Cyber Essentials Scheme being Updated on 24 April 2023

On 23 January 2023, NCSC published an updated set of requirements, v.3.1 for the Cyber Essentials scheme....

Read more
Information Security
Published on
28/10/2022
Wayne Armstrong
ISO/IEC 27001:2022 Key Changes

Following the publication of ISO/IEC 27001:2022 on 25 October 2022, this blog will provide you with our high-level analysis of the key changes.

Read more
URM holds free seminars and webinars for end-user organisations focusing on information security.
Find out more
how URM CAN HELP?
URM CONSULTING services
Are your web applications secure?

Designed to assess the architecture, design and configuration of web applications, our web application pen tests use industry standard methodologies to identify vulnerabilities.

Read more
URM CONSULTING services
Book FREE Consultation

URM is pleased to provide a FREE consultation on Transitioning to ISO 27001:2022 for any UK-based organisation.

Read more
URM CONSULTING services
Are you looking for help preparing for a PCI DSS assessment?

As a PCI QSA, URM can assist you with a range of services, including conducting gap analyses, helping you reduce your CDE scope and conducting penetration tests.

Read more
"
Complicated topic summarised really simply making GDPR accessible. I would love a recording as was distracted part way through and would like to re-enforce my knowledge by listening again (possibly a couple of times just to get it to sink in......)
Alec S.
Webinar 'GDPR - Back to Basics'
contact US

Let us help you

Let us help you in your compliance journey by completing the form and letting us know how we can best support you.