What is Continuous Monitoring in Cybersecurity?
As organizations rely on technology ever more for day-to-day operations, the need for robust information security measures has become more critical than ever. Cybersecurity risks have risen, ...
March 17, 2023
FedRAMP Low, Moderate, High: Understanding Security Baseline Levels
July 20, 2022
Cloud Security Compliance: 11 Steps on the Stairway to Cloud Services Heaven
Organizations are increasingly turning to cloud-based IT solutions, which makes cloud security compliance standards more important than ever before. The steps to cloud security compliance, h ...
November 22, 2021
How to Create a Plan of Action & Milestones (POA&M)
Cybersecurity risks are always changing, and even with continuous monitoring it can be difficult to know which areas of your IT system need your attention the most. With so many potential we ...
April 13, 2021
What is Assessment and Authorization (A&A)?
As technological innovation continues to evolve, so do the nature and severity of cybersecurity threats. This makes robust information security controls and risk assessment high priorities f ...
March 15, 2021
SOC 2 Data Center Standards for Compliance, Explained
Organizations that use a data center to support their infrastructure and computing needs must consider compliance as part of their overall risk management and IT policy development strategie ...
March 1, 2021
Does FISMA Apply to State Governments?
FISMA, or the Federal Information Security Management Act of 2002, is part of the E-Government Act—a federal law in the United States, enacted by Congress, that provides data security stan ...
February 10, 2021
October 2020: Compliance Certification Roundup
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our O ...
October 13, 2020
July 2020: Compliance Certification Roundup
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our July 2020 roundup of compliance news from around ...
July 2, 2020
Risk Assessment Checklist NIST 800-171
The National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 is a subset of IT security controls derived from NIST SP 800-53. NIST SP 800-53 provides a catalo ...
May 10, 2020
What is NIST Special Publication 800-37 Revision 2?
National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 revision 2 is a Risk Management Framework for Information Systems and Organizations: A System Lifecycle ...
April 23, 2020
Top Risk Management Issues Facing Higher Education
Institutions of higher education (IHEs) are besieged by risk, especially cybersecurity and information security risk. Risk management for these institutions is critical but also extremely ch ...
December 24, 2019