GRC

PCI DSS v4 – Changes at a Glance
Latest update: 30 Jun 2022

After several years wait, and to surprisingly little fanfare, the Payment Card Industry Security Standards Council (PCI SSC) released the new version of the PCI Data Security Standard (DSS)…

UK International Data Transfer Agreement
Latest update: 30 Jun 2022

On 2 February 2022, the Information Commissioner’s Office (ICO) laid before Parliament changes around restricted international personal data transfers. The international data transfer agreement…

Asset identification within RA
Latest update: 30 Jun 2022

A question which comes up time and time again is ‘How do I approach asset identification within my information security risk assessment?’ Typically, this question is twofold: which assets to include

Data Protection
Updated: 30/6/2022
Responding to Data Subject Access Requests (DSARs)

There is nothing straightforward or simple about responding to a data subject access request (DSAR). Whilst responding to DSARs can be onerous and time-consuming, you cannot take any shortcuts.

Information Security
Updated: 30/6/2022
PCI SSC Remote Assessment Guidelines and Procedures

The PCI SSC has recently released new remote assessment guidelines and procedures. Here we address a number of key questions: What are the main contents? What led to it being published? And others..

Data Protection
Updated: 30/6/2022
When and How to Conduct a Data Protection Impact Assessment (DPIA)

A DPIA delivers a pre-emptive approach to assessing these risks, and by applying corrective actions can help prevent a data breach occurring. We present an outline of steps in conducting a DPIA

Data Protection
Updated: 30/6/2022
How to Create a Record of Processing Activities (ROPA)

Creating a ROPA will involve understanding and capturing processing activities throughout an organisation. In this blog, we will outline a step-by-step procedure on how you can create a ROPA.

Data Protection
Updated: 30/6/2022
Who Needs a ROPA and Why?

In this, the first of two blogs on ROPAs, we are going to address two fundamental questions: Which organisations need a ROPA? Why is it necessary to create and maintain a ROPA?

Information Security
Updated: 30/6/2022
What is ISO 27001?

ISO 27001 is the International Standard for Information Security Management. Effectively, it provides any organisation, irrespective of size or sector, with a framework and an approach to protecting..

Information Security
Updated: 30/6/2022
Three Tips to Help you Simplify your Risk Management Process

A key role of risk management is helping organisations decide how limited resources can be most effectively used to address the most pressing business issues, e.g. threats to information security.

Information Security
Updated: 30/6/2022
Benefits of Implementing ISO 27001

What are the Benefits of Implementing ISO 27001? We dig a bit deeper on the benefits that are gained from implementing the standard and from achieving certification.

"Cyber Essentials Plus was a great exercise for the business to go through as some gaps were found and URM provided valuable information on remediation"