Blog
Recent blogs

ISO 27001 Clause 8.1: Effective ISMS operational planning and control
Published on
03
July
2026
TRENDING
URM’s blog explains the requirements of ISO 27001 Clause 8.1 and why it matters, as well as sharing key insights on how to properly implement it in practice.
Read more
Cyber Security
Published on
31/10/2025
Deconstructing the EU Cyber Resilience ActTRENDING
URM’s blog breaks down the new EU Cyber Resilience Act, what products/entities are in scope, the security requirements it imposes on organisations, and more.
Cyber Security
Published on
23/10/2025
The Core Functions of NIST CSF: GovernTRENDING
URM’s blog breaks down the NIST CSF’s new Govern Function, its importance, and the policies, processes and activities you will need to have in place to comply.
Information Security
Published on
16/10/2025
Preparing for a Successful SOC 2 AuditTRENDING
URM’s blog offers key advice on what to expect from your SOC 2 audit in practice, the types of evidence you will need to provide, how best to prepare, and more.
Cyber Security
Published on
7/10/2025
Building Cyber Security Resilience Against PhishingTRENDING
URM’s blog explores the different forms of phishing attacks, the strategies used to exploit human vulnerabilities, & how to protect against these attacks.
Cyber Security
Published on
18/9/2025
Impending UK Government Cyber Security Legislation on Ransomware PaymentsTRENDING
URM’s blog explains the Government’s new proposed measures around ransomware attacks and payments, which organisations they would affect, & why they are needed.
Data Protection
Published on
17/9/2025
Analysis of ICO Enforcement Action January-June 2025TRENDING
URM’s blog reviews the ICO’s data protection enforcement actions in Jan-Jun 2025, outlining changes and emerging trends in its approach to enforcing compliance.
Business Continuity
Published on
12/9/2025
7 Key Tips for Communicating in a CrisisTRENDING
URM’s blog provides top tips for communicating in a crisis & developing an effective communications plan to help maintain business continuity during disruption.
Information Security
Published on
5/9/2025
ISO 27001 Clause 5.1: Leadership and Commitment ExplainedTRENDING
URM’s blog explores Clause 5.1 of ISO 27001, what you must do to meet its requirements, and why leadership & commitment are vital to an effective ISMS.
Data Protection
Published on
29/8/2025
The Data Protection Implications of Using Body Worn Video TechnologyTRENDING
URM’s blog breaks down the data protection aspects of body worn video cameras, and how to ensure your use of BWV is compliant with the GDPR.
Cyber Security
Published on
14/8/2025
Understanding Defence Cyber Certification (DCC)TRENDING
URM’s blog explains what DCC is, how compliance with the scheme and the process to certification work, and the benefits to obtaining certification.
Information Security
Published on
8/8/2025
ISO 27001: How Certification WorksTRENDING
URM’s blog breaks down the ISO 27001 certification process, the roles of certification bodies and UKAS, what auditors look for during assessments, and more.
Cyber Security
Published on
5/8/2025
Critical Cyber Security Practices to Defend Against Ransomware AttacksTRENDING
URM’s blog examines how ransomware occur, and highlights practical cyber security measures you can implement to reduce your exposure and mitigate security risk.
Data Protection
Published on
25/7/2025
Getting Ready for the Social Tenant Access to Information Requirements (STAIRs)TRENDING
URM’s blog highlights the steps PRPs can take to prepare for the introduction of the STAIRs & ensure they are compliant when these requirements come into force.
Information Security
Published on
18/7/2025
ISO 27001:2022 - A.5 Organisational Controls (Business Continuity)TRENDING
URM’s blog explores the ISO 27001 business continuity controls, why they matter, & how they can be effectively implemented to ensure conformance to the Standard
Cyber Security
Published on
11/7/2025
Supplementing Cyber EssentialsTRENDING
URM’s blog outlines the practical measures you can take following Cyber Essentials certification to further enhance your information & cyber security posture.
Information Security
Published on
3/7/2025
ISO 27001:2022 - A.5 Organisational Controls (Incident Management)TRENDING
URM’s blog breaks down the six incident management-related controls in Annex A of ISO 27001, providing key guidance on how to implement each control.
Data Protection
Published on
24/6/2025
DUA Act Finally Becomes LawTRENDING
URM’s blog explores the practical benefits of by the Data (Use and Access) Act and how they may reduce the data protection compliance burden on organisations.
Cyber Security
Published on
16/6/2025
Lexcel: Deconstructing Your Information Management and Security PolicyTRENDING
URM explains each control law firms must include in an information management and security policy that complies with the Lexcel Practice Management Standard.
Cyber Security
Published on
6/6/2025
Understanding Lexcel and the Specialist Quality Mark (SQM): How Cyber Essentials Can Benefit Your PracticeTRENDING
URM’s blog explores how Cyber Essentials can help your legal practice enhance its security posture and achieve/maintain its SQM or Lexcel accreditation.
Business Continuity
Published on
5/6/2025
Business Continuity Exercising TRENDING
URM’s blog explores BC exercising, including why it is beneficial, the different types of exercises, when they should be conducted, and who should be involved.
Quality Standards
Published on
29/5/2025
ISO 9001:2015 Clause 8.3: Design and DevelopmentTRENDING
URM’s blog explains Clause 8.3 of ISO 9001, its applicability, and the key considerations and practical steps required for conformance to this Clause.
Information Security
Published on
23/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Legal, Regulatory and Contractual)TRENDING
URM’s blog explains the legal, regulatory & contractual controls in ISO 27001 & how they can be implemented in full conformance with the Standard.
Information Security
Published on
16/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Information Security Management)TRENDING
URM explains the 8 information security management controls included within the ‘Organisational controls’ theme and how to prepare for an audit of each control
Information Security
Published on
9/5/2025
ISO 27001:2022 - A.5 Organisational Controls (Access Management)TRENDING
URM’s blog explores why the access controls in ISO 27001 matter, and how to implement each control in full conformance with both the Standard and best practice.
Cyber Security
Published on
1/5/2025
Cyber Essentials Questions Answered: Technical Requirements, BYOD Compliance and the Future of the SchemeTRENDING
URM’s blog answers key questions about CE, focusing specifically on its technical requirements, use of BYOD, and how the scheme may change in the future.
Information Security
Published on
24/4/2025
Quantum Computing – the Risks to Encryption and the Implications for PCI DSSTRENDING
URM’s blog explains the threat quantum computing poses to current encryption methods, how this may impact the PCI DSS, and how these challenges may be overcome.
Cyber Security
Published on
17/4/2025
Cyber Security and Resilience Bill Policy Statement – What to ExpectTRENDING
URM’s blog explains the measures the Bill will introduce, the entities it will bring into regulatory scope & what the Bill could mean for your organisation.
Information Security
Published on
16/4/2025
ISO 27001:2022 - A.5 Organisational Controls (Supplier Management)TRENDING
URM’s blog explains the importance of the 5 supplier management controls in ISO 27001 & provides practical guidance on how to implement each control.
Data Protection
Published on
3/4/2025
Privacy Policies Explained: Ensuring Transparency Under the GDPRTRENDING
URM’s blog explains the GDPR’s requirements for privacy policies, the common mistakes organisations make with these policies & how to avoid them.
Information Security
Published on
27/3/2025
ISO 27001:2022 Annex A Physical ControlsTRENDING
URM’s blog offers key advice on implementing the physical controls in Annex A of ISO 27001 and preparing for a successful physical controls audit.
URM can offer a range of support services when applying for Cyber Essentials Certification. Check our offer!
Find out more
how URM CAN HELP?
URM CONSULTING services
Achieve Full DORA Compliance with Confidence
Close your compliance gaps with expert support. We’ll deliver tailored, actionable recommendations to ensure you meet DORA requirements and protect your operations.
Read more
URM CONSULTING services
ISO 27002:2022 Support
URM can provide a range of ISO 27002:2022 transition services including conducting a gap analysis, supporting you with risk assessment and treatment activities as well as delivering a 2-day transition training course.
Read more
URM CONSULTING services
How robust is your cloud infrastructure security?
URM can deliver cloud pen testing, covering all types of deployments. We can conduct external unauthenticated testing, security configuration reviews, and internal testing if your cloud infrastructure is integrated into on-premise infrastructure.
Read more
"
The enthusiasm and passion URM consultants have for their subject matter is clearly evident in every engagement. They always take care to ensure that the advice they deliver is understandable and actionable.
contact US
Let us help you
Let us help you in your compliance journey by completing the form and letting us know how we can best support you.
