Sitemap

Posts by category

• Category: Advisory
  • Cybersecurity Landscape in the Telecommunications Sector 
  • How the Energy Sector Should Prepare for Cyber-Attacks
  • 100% Remote: IT Security Assessments & Compliance Attestations
  • What Is SOC for Cybersecurity?
  • COSO’s 2013 Framework- A New Standard for Internal Control
  • The NIST CSF Update: Everything You Need to Know to Get Up to Speed
  • Why Small Business Security Matters for Your Large Corporation
  • Why Your IT Company Needs a Security Audit Partner
  • The 4 Most Common Compliance Risks and How to Avoid Them
  • Prepare for the Increasingly Expanding Responsibilities of the Chief Risk Officer
  • Security Surprise: Enforcing Regular Password Changes Puts Your Organization at Risk
  • Labor Shortage & Other New Threats Emerge Going Towards 2022
  • Compliance Issues That Your Insurance Company Should Know
  • 12 Commonly Asked Questions About CIS Controls
  • COBIT & Val IT – How These Frameworks Help Your Business
  • What You Need to Know about the CMMC 
  • The Most In-Demand Certifications for IT Professionals
  • Understanding the EU Cybersecurity Act and Its Effect on Businesses
  • Would My Organization Benefit from the Utilization of a Third-Party Managed Security Service Provider?
  • Cybersecurity Post-Pandemic: Protecting Health Data from Rising Threats
  • The NIST Cybersecurity Framework: An Introduction to the 5 Functions
  • Why Compliance Isn’t Enough to Protect Your Organization  
  • Category: CCPA
    • Critical Cybersecurity Compliance for Law Firms 
    • New Strategy Paves the Way for National Cybersecurity Standards 
    • A Comparison of GDPR and CCPA
    • Do You Do Business in Nevada? Here’s What You Need to Know About Security
    • California Consumer Privacy Act: What You Need to Know About This New Legislation
    • Will the U.S. Adopt a Nationwide Data Privacy Law Similar to GDPR?
    • The Massachusetts Data Protection Act: Tightening Up Individual State Data Privacy Laws
  • Category: FISMA
    • Are You Confident That Your Organization Is FISMA Compliant?
  • Category: GDPR
    • Achieve & Maintain Peak GDPR Compliance with These 5 Technology Solutions
    • GDPR Three Years Later: What Impact Has It Made?
    • Our Takeaways from the Extension to ISO/IEC 27701:2019 – Will ISO 27701 Be the New GDPR Certification Standard?
    • Key Differences & Overlaps Between PCI and GDPR
    • The Only GDPR Compliance Checklist that You Need
  • Category: GLBA
    • Extended Deadline for Dealerships to Comply with FTC Safeguards Rule
    • Learn More About the GLBA Risk Assessment Matrix
    • Learn About the Types of Institutions That Benefit from a Successful GLBA Audit
    • Essential Guide to GLBA Compliance & Audits
  • Category: NERC
  • Category: NIST
    • Tips for Preparing Your Next NIST Risk Assessment
    • About NIST SP 800-53 | What You Need to Know to Maintain Compliance
    • Understanding MARS-E Compliance: Health Insurance Exchanges Security
  • Category: NYDFS
  • Category: VCISO
• Category: Audit & Assurance
  • When Will CMMC 2.0 Go into Effect? 
  • Top Compliance Challenges for Fintech Companies 
  • How Automation Became a Critical Tool in Cybersecurity Compliance 
  • 3 Steps to Creating a Successful Continuous Auditing Process
  • A Guide to Data Center Audits & Reports for a Variety of Industries and Specialized Requirements
  • Fine Tune Your Compliance By Better Understanding Model Audit Rule Requirements
  • The Five Types of Testing Methods Used During Audit Procedures 
  • SSAE No. 21: New AICPA Engagement for ‘Direct Examination’
  • Category: Agreed Upon Procedures
    • SSAE 19 Brings Greater Flexibility to Agreed-Upon Procedures  
    • Agreed-Upon Procedures vs. SOC 2 Audits: Which One Do You Need?
  • Category: Internal Audit
    • How Do Internal Audits Work?
    • Internal Control: 5 Key Principles of COSO Framework
    • The Evolution of COSO Compliance Objectives 
    • Outsourced and Co-sourced Internal Audits: Which One Is Right for Your Organization?
    • How Often Are Internal Audits Needed?
    • Learn What Attestation, Assurance and Auditing Means in the CPA Industry
    • Combining Risk Assessments & Internal Auditing Services
    • 2017 CPA Exam: Changes to Skill and Content Specifications
    • Auditing Exceptions and How They Might Impact Your SOC Reports
    • Gap Analysis vs. Internal Audit: Which Evaluation Process Do You Need?
    • What Does an Internal Auditor Do?
    • Internal Auditor’s Expanding Role in Enterprise Risk Management
    • Certified Information Systems Auditor (CISA): How Are They Qualified?
    • Benefits of Using a Third Party Service for Medical Claims Audits
  • Category: MAR/SOX
    • Ensuring Peak SOX Compliance for Your Organization
    • What Is a SOX Audit?
  • Category: Policies & Procedures
    • Ultimate Guide to Developing Compliance Policies & Procedures 
    • Tools to Leverage when Communicating about Compliance
    • Identifying Common Compliance Misconceptions
    • 3 Key Steps for Creating a Unified Control Framework to Simplify Compliance
  • Category: Remote Auditing
  • Category: Risk Management
    • How Will AI Change Supply Chain Risk Management?  
    • Risk Management, Risk Assessment or Risk Analysis: What’s the Difference?
    • Business Resilience: Goals for the New Year 
    • IRS-1075 Compliance Tips for Your Organization
    • Third-Party Risk Management: The Essential Guide
    • Try These 5 Steps to Complete a More In-Depth Threat Assessment
    • Powerful Tools for Weighing Positive Risk & Negative Risk
• Category: Certifications & Attestation
  • Category: GPP
    • Digital Goes Green as Data Centers as Renewable Energy Becomes Scalable 
  • Category: HIPAA/HITECH
    • Is Facebook to Blame for a Massive HIPAA Violation? 
    • Privacy vs. Confidentiality in a SOC 2: Do You Know the Differences?
    • HIPAA-Compliant Telehealth: Avoiding HIPAA Violations During A Pandemic
    • HIPAA Compliance & Cell Phones: Staying Compliant While Staying Connected
    • Do You Know the Difference Between HIPAA Privacy and Security Rules?
    • Should HIPAA Audit Logs be Kept for 6 Years?
    • Implement a Few Simple Tips To Ensure Year-End Compliance
    • Which Matters More: HIPAA or State Law?
    • Benefits of Combining PCI and HIPAA Compliance Efforts
    • HIPAA vs. HITRUST: What are the Differences?
    • HIPAA Compliance for File Sharing in 2021
    • HIPAA Compliance Checklist + 3 Sure Ways to Show Adherence
    • What Is in a HIPAA Risk Analysis & Tips for How to Pass Your HIPAA Audit?
    • What Is the Direct Liability of Business Associates Under HIPAA Rules?
    • What Do We Mean by “Protected Health Information”?
  • Category: HITRUST
    • HITRUST v11: Path to Certification Is Now 45% Faster 
    • What You Can Do NOW to Become a TEFCA Participant 
    • HITRUST Supports the TEFCA Program and QHIN Compliance  
    • HITRUST® Scope: Factors to Determine HITRUST Engagement
    • Overview of the HITRUST Quality Assurance Review Process
    • HITRUST Shared Responsibility™ Program: Understanding CSP Security Control Coverage
    • What Does It Mean to Be HITRUST Certified?
    • What Is a HITRUST® Interim Assessment?
    • Combining HITRUST® and SOC 2 Makes Compliance More Efficient
    • Benefits of Having a CPA Firm Perform your HITRUST CSF Assessment
    • HITRUST Glossary of Terms within the Phases of HITRUST
    • What to Know About the New HITRUST CSF v9.3: Effective January 1, 2020
    • Overview of the HITRUST Validated Assessment
    • HITRUST CSF 90-Day Rules: Maturation and Assessment Period Review
    • Time to Talk to Your Business Associates About HITRUST CSF Certification?
    • How the HITRUST PRISMA Model Delivers ‘Rely-Ability’
    • How the HITRUST CSF is Expanding Beyond Healthcare in 2020
    • The Cost of HITRUST® Certification: Why It’s Worth It
    • The HITRUST RightStart Program: An Accelerated Path to Compliance for Startups
    • Quickly Evaluate Third-Party Business Partners with HITRUST® Risk Triage
    • What Is the HITRUST CSF? Learn How to Protect Data Security
    • How to Get HITRUST Certification in 4 Clear Steps
    • HITRUST Maturity is the Strongest Defense Against Data Breaches
    • Build a Risk Management Program with the HITRUST CSF®
    • Quiz: Is HITRUST CSF the Right Choice for Your Organization?
    • Streamline Your SOC Audit Using HITRUST CSF Built-In Control Categories
    • What is the role of the External Assessor for HITRUST?
    • The Power of Gap Analysis & Remediation for HITRUST CSF Certification
    • HITRUST Implemented, 1-year (i1) Validated Assessment Now Available: Why It’s a Better Option 
    • HITRUST CSF Assessment Preparation Guide
    • How HITRUST Validated and Readiness Assessments Are Scored
    • Overview of the HITRUST CSF Readiness Assessment
    • I.S. Partners, LLC Obtains Approval as HITRUST CSF Assessor
  • Category: ISO
    • Companies Around the World Are Racing to Get ISO 50001 Certification 
    • Best Compliance Standards for Financial Service Providers 
    • Are You Ready for ISO 27001 2022? 
    • What Is ISO 20022? 
    • Crypto Projects: Compliance to Build Confidence 
    • Why Organizational Readiness Assessments are Important
    • SOC 2 vs. ISO 27001 & 27002: Which is Right for your Company?
    • Implementing NIST Cyber Security Framework Using ISO 27001 Is an Organic Process
    • What is the Difference Between ISO 27001 and ISO 27002?
    • How to Prepare for ISO 27001 Certification in 10 Steps
    • The Difference Between ISO Compliance, Certification & Accreditation in Management Systems
    • A Practical Approach to Asset Inventory for ISO 27001
    • Why Is ISO Certification More Popular Among U.S. Businesses?
    • 6 Steps to Help You Develop Your ISO 27001 Statement of Applicability
    • Understanding Compliance – ISO 27001 and ISO 27002
  • Category: PCI-DSS
    • Changes to Expect with the Transition to PCI 4.0 
    • What Non-Profits Need to Know About PCI Compliance 
    • What is a PCI RoC and Why Do You Need One?
    • Who is Liable for Your Website’s PCI Compliance? 
    • Alleviate Audit Anxiety with A Glossary Of PCI Terms
    • IT Incident Response Plan: Key Steps to Implement
    • PCI DSS SAQ Types: Which Type Is Right for Your Business?
    • PCI Non Compliance Fines & Consequences
    • An Important Question in Online Payments: Is PayPal PCI DSS Compliant?
    • A Guide to Keeping Phone Orders PCI Compliant
    • I.S. Partners, LLC Certified as a Qualified Security Assessor to Perform PCI-DSS
    • Utilizing the effectiveness of PCI DSS and NIST
    • How to Get Ready for a PCI Audit
    • Don’t Think You Need PCI Compliance Documentation? Think Again!
    • Experts Tips on How to Select a PCI-Compliant Service Provider
    • Why Small Businesses Need the Data Security Essentials (DSE) Toolkit
    • Do You Know Your PCI Compliance Level?
    • Is Your Server PCI Compliant?
    • Transition Expected in 2022 with the New PA-DSS Version
    • PCI Security Standards Council Releases Best Practices for Securing E-Commerce
    • Is Your Web Developer or Hosting Company Liable if Your Website is Not PCI Compliant?
    • How to Keep Employees and Your Organization PCI Compliant
    • Get Ready for the PCI DSS Version 3.2 Self-Assessment Questionnaires
  • Category: SOC 1
    • SOC 1 vs. SOC 2 Reports – Do You Know The Difference?
    • SOC 1 vs SOC2 vs SOC 3: What’s the Difference? 
    • Understand the Difference Between SOC 1 Type 1 & 2 Reports
    • 9 Steps to Prepare for a Smooth SOC 1 Audit
    • How to Find the Right SOC 1 Auditor: a Checklist
    • Who Is Certified to Complete a SOC Audit?
    • 5 Reasons Data Centers Need a SOC 1 Audit Report
    • How to Reduce Your E&O Insurance Premium with a SOC Audit
    • How to Write a Strong System Description for SOC 1
    • Prepare a Great Written Assertion for Your SOC 1 Examination 
    • The Best SOC 1 Reporting Approach
    • Why SOC 1 Is More Valuable than SOC 2?
    • SOC Audits Allow Customers to Trust a Payroll Company’s Services
  • Category: SOC 2
    • SOC Audit Process: the Carve Out vs. the Inclusive Method
    • SOC 2 Audits: What They Are & How to Stay Compliant
    • Frequently Asked Questions about the Trust Services Criteria (TSC)
    • What Do SOC 2 Reports Mean to Managed Service Providers?
    • Work from Home SOC 2: Overcoming Cyberattack Challenges
    • SOC 2 Certification Timeline: 8 Steps to Solid Preparation
    • 4 Critical Practices for SOC 2 Security Compliance
    • Simple Ways to Determine When to Include Processing Integrity into Your SOC 2 Audit
    • Are Pen Tests & Vulnerability Scans Needed for SOC 2 Report Compliance?
    • Cybersecurity: Is SOC or SOC 2 Right for Your Needs?
  • Category: SOC 3
    • When Should You Consider a SOC 3 Audit?
  • Category: SOC for Supply Chain
    • Will Disruptions Make Supply Chains More Vulnerable to Attack?
    • Securing Operational Processes with SOC for Vendor Supply Chains
• Category: Cybersecurity
  • How the 405(d) Program Supports Cybersecurity in Healthcare
  • CMMC Compliance Jeopardizes Federal Funding for Colleges
  • Top Mistakes to Avoid When Creating a Data Retention Policy  
  • Explore the Process of Data Mining to Discover the Best Techniques
  • 10 Security Essentials Your CIO Needs to Know for Peace of Mind
  • Establish an Effective Internal Control Environment That Reflects Your Organization’s Values
  • Virtual CISOs Are In Hot Demand: Here’s Why
  • How to Expand Mobile Device and Remote Work Security
  • The Future of Cybersecurity Regulations: March 1, 2017 New York DFS Changes
  • Ransomware Dominates the Threat Landscape in 2022
  • The WannaCry Ransomware String of Attacks: What Is the Story?
  • 5 Factors to Consider Increasing Reliance on Big Data
  • Protecting Personally Identifiable Information (PII)
  • The Top 5 Cybersecurity Challenges Facing Financial Service Institutions
  • An Overview of Complementary User Entity Controls
  • Data Security for Your Mobile Device
  • Category: Cloud Security
    • Checklist for SOC 2 Audit Preparation in Google Cloud 
    • New Social Engineering Attack Simulates Healthcare Software 
    • Leveraging Azure Tools for SOC 2 Compliance 
    • What to Know about Preparing for a SOC 2 Audit when Using AWS 
    • How Internal Auditing Differs when Applied to Cloud Environments
    • Cloud Service Providers Brace for New FISMA Regulations 
    • CSA Cloud Controls Matrix: Why It Is Important When Working With The Cloud
    • Webinar: “Overview of Cloud Basics”
    • What You Need to Know About SOC 2 for Cloud Security
    • Security for Healthcare Organizations in the Cloud with HITRUST® Assurance
    • Keep Data Safe with the Right CSP Audit
    • Top 5 Most Trusted, HIPAA-Compliant Cloud Storage Services
    • Pandemic Increases Urgency for Moving to the Cloud
    • Coming Soon: A Single Track to EU Cybersecurity Certification in the Cloud
    • What is the CLOUD Act and Can It Impact Your Business?
    • Protecting Patients’ Records, Maintaining Compliance, and Transforming Healthcare in the Cloud 
    • How Blockchain Boosts Cloud Security
  • Category: Cybersecurity Training
    • The Crucial Role of Ethics in IT Security and Compliance
    • Prevent Internal Fraud With Awareness and a Solid Strategy
    • Make Sure Your Team Is Meeting Compliance Controls & Processes
  • Category: Network Security
    • 6 Tips to Segment a Network to Better Protect Your System
    • Why Do You Need a Network Security Checklist?
    • How to Respond to a Data Breach
    • Safeguard Company Data: 7 Vital Tips to Increase Password Protection
    • A Cybersecurity Checklist to Get You into the Holiday Spirit
    • Guard Your Company’s Computing System from Ransomware
    • What are Webtrust and Systrust?
    • New Year’s Resolutions for Better Data Security in 2016
    • How Often Should You Have Your Database Updated?
    • The Latest Network Segmentation Guidance and How It Might Affect Your PCI DSS Scope
    • The 5 Top Data Breaches of 2015
    • Preparing for Cybersecurity in 2016
  • Category: Penetration Testing
• Category: General
  • Is Your Compliance Team Burnt Out
  • Can’t Miss Events: Best Compliance Conferences 2023 
  • Points Worth Repeating: Best Blogs of 2019 and Tips for 2020
  • Our Commitment to You: How We’re Expanding to Better Serve Our Clients in 2019
  • New Compliance Challenges in 2022
  • The Continuing Expansion of the Insurance Compliance Officer Role
  • Category: Automation
    • How Regulatory Compliance Helps Your Bottom Line 
    • PCI 4.0 Demands Automated Security Measures 
    • The Future of ISMS Demands Automation 
  • Category: Continuity
    • Guidelines for Developing your Data Retention Policy
    • Offsite Backup and Disaster Recovery for HIPAA Compliance in 2021
    • Business Continuity & Disaster Recovery Plans: Why It’s Critical to Update
    • How Internal Auditors Lead Disaster Recovery Planning
    • The Importance of Disaster Recovery for Healthcare Organizations and HIPAA Compliance
    • IT Security Challenges in Healthcare During the COVID-19 Pandemic
    • Top 4 Types of Risk Impacting Manufacturing Companies
    • Coronavirus Outbreak: Keeping Auditing & Compliance on Track with Remote Working
    • Disaster Recovery Terms Glossary
    • Everything You Need for Your Next Disaster Recovery Audit
    • What a Business Continuity Plan Is and Why You Need One Right Away
  • Category: Energy Industry
    • NERC CIP and the Importance of Consistent Compliance
    • The Advantages of ISO 50001 Certification & Upcoming Changes
    • Green Power Pass (GPP): The Benefits of Renewable Energy Certification
  • Category: Financial Industry
    • What Regulations Are on the Horizon for Fintech Companies? 
    • Case Study: Compliance & Security Support for FinTech Startup
  • Category: Healthcare Industry
    • Health3PT: Empowering Vendors to Tackle Third-Party Cyber Risks in Healthcare 
    • Data Privacy at Risk with Health and Wellness Apps
    • Interoperability & Compliance: Are They Pulling Healthcare in Different Directions? 
    • Revealing Healthcare’s Email Security Problem 
    • How to Reduce Risk When Working with Healthcare Business Associates
    • Is Joint Commission Accreditation Right for your Healthcare Brand?
    • HITRUST® Guidelines for Setting HIPAA-Compliant Passwords
    • Preventing Healthcare Data Breaches with the HITRUST CSF®
    • It’s Been A Tough Year For Healthcare Data Breaches 
  • Category: Outsourcing
    • What is a Virtual Compliance Officer (VCO)? 
    • Outsourcing IT Security vs. Hiring an In-House Specialist
    • Real Recession Solution: Fractional Compliance Services 
    • The Terrible Alternatives to Fractional Compliance Services 
    • You Don’t Actually Need to Hire a Compliance Officer 
  • Category: Telecomm Industry
    • What Is the FTC Red Flags Rule and Who Must Comply?
• Category: Uncategorized