Article

SOC 2 vs ISO 27001: Key Differences Between the Standards

Cyberattacks are a constant threat, which means that robust cybersecurity measures are a necessity for organizations of all sizes. Companies typically implement those measures by following o ...
March 30, 2024
Article

Audit Checklist for SOC 2

If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certificati ...
February 19, 2024
Article

NIST 800-171 Compliance Checklist

The National Institute of Standards and Technology's Special Publication 800-171 (NIST SP 800-171), Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, is ...
February 18, 2024
Article

COSO-Based Internal Auditing

Internal audit and compliance departments benefit from having a comprehensive framework to use to perform corporate risk assessment and internal control testing as well as fight fraud. The m ...
January 30, 2024
Article

A HIPAA Physical Safeguards Risk Assessment Checklist

Embarking on the journey to HIPAA compliance demands a meticulous approach, particularly when it comes to safeguarding electronic Protected Health Information (ePHI). While aspects like the ...
January 30, 2024
Article

Choosing the Best Insurance Compliance Software for Your Business

Compared to most other business sectors, the insurance industry is tightly regulated — and for many good reasons. Most people rarely interact with their insurance company until something h ...
January 30, 2024
Article

What is Supply Chain Compliance?

Most companies sit in the middle of a supply chain. So, if your business wants to reduce the chance that one or more of your vendors could expose you to security, financial, or other risks, ...
January 23, 2024
Article

COBIT 2019 Audit Checklist

The alphabet soup of cybersecurity includes standards and regulations such as ISO, COBIT, COSO, NIST, NY DFS, and GDPR. While some industries must meet regulatory compliance requirements, ot ...
January 23, 2024
Article

Choosing a Governance Risk and Compliance Tool: Constant Vigilance

Managing your Governance, Risk, and Compliance (GRC) needs is challenging. To succeed, a business is well advised to use a dedicated GRC tool; the right one allows you to stay aware of your ...
January 23, 2024
Article

Automating NIST Cybersecurity Framework Control Info

Automating the National Institute of Standards and Technology (NIST) Cybersecurity Framework control documentation and processes is one way to help build a strong cybersecurity foundation. T ...
January 23, 2024
Article

Key Steps To Becoming NIST Compliant

Companies seeking to obtain the elusive Department of Defense (DoD) contracts understand the need to meet Defense Federal Acquisition Regulation Supplement (DFARS) minimum cybersecurity stan ...
January 23, 2024
Article

SOC 2 Data Center Standards for Compliance, Explained

Organizations that use a data center to support their infrastructure and computing needs must consider compliance as part of their overall risk management and IT policy development strategie ...
January 14, 2024