Pages
- About
- Audit & IT Assurance
- Certification And Attestation
- Contact
- Cookie Policy
- Cybersecurity Assessment and Advisory Services
- Endorsements
- IS Partners Seals of Excellence
- IT Assurance
- Partnerships
- PCI DSS Assessment
- Penetration Testing Services
- Privacy
- Request a Quote
- Sitemap
- SOC & Healthcare Compliance, Cyber-security Assessments & Risk Mitigation Services
- Terms of Service
- Training
- Resources
- Virtual Audit Planning
Posts by category
- Category: Auditing Standards
- Category: Company News
- Category: Cybersecurity
- Pandemic Increases Urgency for Moving to the Cloud
- What You Need to Know about the CMMC
- 100% Remote: IT Security Assessments & Compliance Attestations
- IT Security Challenges in Healthcare During the COVID-19 Pandemic
- Impact of the EU Cybersecurity Act Surprises Many U.S. Businesses
- Top 4 Types of Risk Impacting Manufacturing Companies
- Cybersecurity: Is SOC or SOC 2 Right for Your Needs?
- Understanding the EU Cybersecurity Act and Its Effect on Businesses
- The NIST Cybersecurity Framework: An Introduction to the 5 Functions
- 12 Commonly Asked Questions About CIS Controls
- Privacy, Cybersecurity & ISO 27001: How Are They Related?
- The Top 4 Cybersecurity Attacks Your Business Could Face
- The NIST CSF Update: Everything You Need to Know to Get Up to Speed
- Prepare for the Increasingly Expanding Responsibilities of the Chief Risk Officer
- The Most In-Demand Certifications for IT Professionals
- Learn the Key Differences Between Vulnerability Scans and Penetration Tests
- Changes are on the Horizon for Your Encryption Protocols: Are You Ready?
- Would My Organization Benefit from the Utilization of a Third-Party Managed Security Service Provider?
- Compliance and Security Naturally Work Together in Harmony for Your Business
- A Closer Look at SOC for Cybersecurity for a Better Understanding
- Explaining the NIST Cybersecurity Framework
- Brushing Up Your Cybersecurity in 2018: How the Landscape Has Changed
- The Top 5 Cybersecurity Challenges Facing Financial Service Institutions
- Security Surprise: Enforcing Regular Password Changes Puts Your Organization at Risk
- Outsourcing IT Security vs. Hiring an In-House Specialist
- A Cybersecurity Checklist that will Get You Into the Holiday Spirit
- Reap the Benefits of SOC for Cybersecurity Assessment for Your Organization
- Category: Data Mining
- Category: Data Security
- University Network Security Is Now More Important Than Ever
- States Are Leading Efforts to Improve U.S. Data Privacy
- Do You Do Business in Nevada? Here’s What You Need to Know About Security
- The Massachusetts Data Protection Act: Tightening Up Individual State Data Privacy Laws
- What Is the FTC Red Flags Rule and Who Must Comply?
- Try These 5 Steps to Complete a More In-Depth Threat Assessment
- What is the CLOUD Act and Can It Impact Your Business?
- The Top 5 Factors to Consider When Using Big Data Technology
- 6 Tips to Segment a Network to Better Protect Your System
- Choose the Right Penetration Testing: Black Box vs. White Box
- Need-to-Know Details About Virtual CISOs
- 5 Key Steps to Developing a Solid Data Retention Policy
- What Does a GDPR Data Protection Officer Do: Do You Need One?
- How to Create An 8-Point Office IT Security Checklist
- The Top 5 Workplace Privacy Myths That Employees Must Stop Believing
- Keep Your Data Safe with the Right Audit for Your Cloud Service Provider
- Why Small Business Security Matters for Your Large Corporation
- Why Healthcare Security Is A Must
- The Future of Cybersecurity Regulations: March 1, 2017 New York DFS Changes
- The WannaCry Ransomware String of Attacks: What Is the Story?
- A Solid ERM Strategy Can Help Your Organization Achieve Effective Risk Management Control
- The Top 5 Data Breaches of 2016
- Vigilance Is the Key to Keeping Your Data Secure in 2017
- As the Mobile World Continues to Grow, So Should Your Data Security Efforts
- Personally Identifiable Information: What You Should Know and Do About Protecting It
- Cloud Service Provider Compliance and Its Importance to Your Business
- Data Security for Your Mobile Device
- Category: Network Security
- CSA Cloud Controls Matrix: Why It Is Important When Working With The Cloud
- 6 Questions to Consider Before Launching Your Next Penetration Test
- Build a Comprehensive Network Security Checklist for Your Organization
- Guard Your Company’s Computing System from Ransomware
- What are Webtrust and Systrust?
- COBIT & Val IT – How These Frameworks Help Your Business
- How Often Should You Have Your Database Updated?
- 5 Most Common Vulnerabilities in Your Organization’s Computing System
- Safeguard Company Data: 7 Vital Tips to Increase Password Protection
- Penetration Testing for Web Applications
- The 5 Top Data Breaches of 2015
- How to Respond to a Data Breach
- Preparing for Cybersecurity in 2016
- New Year’s Resolutions for Better Data Security in 2016
- Are USB Drives Undermining Your Network Security?
- Penetration Tests and Vulnerability Assessments: Two Different Methods of Fortifying Your Network
- Category: NIST Assessments
- Category: Penetration Testing
- Category: VCISO
- Category: Healthcare Compliance and Risk Mitigation
- Make Sure Your Team Is Meeting Compliance Controls & Processes
- How Can The COSO Framework Improve Your Organization’s Internal Controls
- 10 Security Essentials Your CIO Needs to Know for Peace of Mind
- IRS-1075 Compliance Tips for Your Organization
- Understanding MARS-E Compliance: Health Insurance Exchanges Security
- SSAE 18 Audits Allow Customers to Trust a Payroll Company’s Services
- Is Joint Commission Accreditation Right for your Healthcare Brand?
- How Do Internal Audits Work?
- The Five Types of Testing Methods Used During Audit Procedures
- Auditing Exceptions and How They Might Impact Your SOC Reports
- 11 Common Questions About SOC 2 Auditing and Reporting
- Establish an Effective Internal Control Environment That Reflects Your Organization’s Values
- The Continuing Expansion of the Insurance Compliance Officer Role
- SOC 2 Audits: What They Are and How to Stay Compliant, Part 1 of 2
- Privacy vs. Confidentiality in a SOC 2: Do You Know the Differences?
- How to Best Communicate Your Security and Compliance Requirements to Potential Business Clients & Partners
- The Evolving Role of SOC Reports: Anticipating the Development of SOC for Vendor Supply Chains
- 3 Key Steps for Creating a Unified Control Framework to Simplify Compliance
- Ethics Versus Compliance: Drawing a Distinction Between These Two Professions
- 2017 CPA Exam: Changes to Skill and Content Specifications
- Fine Tune Your Compliance By Better Understanding Model Audit Rule Requirements
- Implement a Few Simple Tips To Ensure Solid Year End Compliance
- Are You Confident That Your Organization Is FISMA Compliant?
- What Upcoming Regulatory Challenges May Your Organization Face?
- Are You Still Compliant with TSP Section 100?
- Identifying Common Compliance Misconceptions
- Prevent Internal Fraud With Awareness and a Solid Strategy
- Compliance Issues That Your Insurance Company Should Know
- SOC 2 vs. ISO 27001 & 27002: Which is Right for your Company?
- COSO’s 2013 Framework- A New Standard for Internal Control
- Category: Agreed Upon Procedures
- Category: California Consumer Privacy Act
- Category: Disaster Recovery
- Disaster Recovery Terms Glossary
- Everything You Need for Your Next Disaster Recovery Audit
- Who Is an Internal Auditor and How Is the Role Crucial to Disaster Recovery?
- Determine How Often You Need to Review and Update Your Disaster Recovery Plan
- What a Business Continuity Plan Is and Why You Need One Right Away
- How to Reduce Risk When Working with Healthcare Business Associates
- Disaster Preparedness and Recovery for Small Businesses
- Category: Enterprise Risk Management
- IT Incident Response Plan: Key Steps to Implement
- Business Leaders’ Top Concerns as Enterprise Risk Rises in 2020
- Risk Management, Risk Assessment or Risk Analysis: What Do You Need to Keep Risk in Check?
- Keep Tabs on the Future of Financial Risk Management
- Enterprise Risk Management [Part III]: 5 Examples of Positive Risk
- Enterprise Risk Management [Part II]: What is a Risk Assessment Matrix?
- Enterprise Risk Management [Part I]: A Primer on the Basics of Third-Party Risk Management
- Internal Auditor’s Expanding Role in Enterprise Risk Management
- Category: FISMA
- Category: GDPR
- The Key Differences Between PCI and GDPR
- Our Takeaways from the Extension to ISO/IEC 27701:2019 – Will ISO 27701 Be the New GDPR Certification Standard?
- GDPR One Year Later: What Impact Has It Made?
- Achieve & Maintain Peak GDPR Compliance with These 5 Technology Solutions
- 4 Ways to Use PCI DSS to Achieve GDPR Compliance
- Taking a Closer Look at the Role of Your CISO for GDPR
- Dos and Don’ts of GDPR Compliance
- U.S. Companies Need to Gear Up for GDPR Compliance: 5 Ways To Prepare
- Why Multinational Companies Need to Care About GDPR Compliance
- Category: GLBA
- 4 Tips for Consistently and Confidently Meeting GLBA Compliance Requirements
- Keys to A Successful GLBA Compliance Audit
- How to Avoid Common GLBA Compliance Mistakes
- Learn About the Types of Institutions That Benefit from a Successful GLBA Audit
- Learn More About the GLBA Risk Assessment Matrix
- Protect Your Financial Organization’s Private Data By Ensuring GLBA Compliance
- Category: HIPAA/HITECH
- HIPAA-Compliant Telehealth: Avoiding HIPAA Violations During A Pandemic
- Should HIPAA Audit Logs be Kept for 6 Years?
- What Is the Direct Liability of Business Associates Under HIPAA Rules?
- HIPAA vs. HITRUST: What are the Differences?
- HIPAA Privacy Rule vs. Security Rule
- What Is in a HIPAA Risk Analysis & Tips for How to Pass Your HIPAA Audit?
- What Is the HIPAA Privacy Law and What Does It Mean to Your Organization?
- Understanding the HIPAA Security Rule and Its Compliance
- The Importance of Disaster Recovery for Healthcare Organizations and HIPAA Compliance
- Which Matters More: HIPAA or State Law?
- Three Effective Ways to Prove HIPAA Compliance
- What Do We Mean by “Protected Health Information”?
- The 4 Most Common Compliance Risks and How to Avoid Them
- Top 4 Most Trusted, HIPAA-Compliant Cloud Storage Services [Updated for 2018]
- Common HIPAA Violations and How to Avoid Them
- Does HIPAA Certification Guarantee HIPAA Compliance?
- HIPAA Compliance & Cell Phones: Staying Compliant While Staying Connected
- PCI DSS Compliance vs. HIPAA Compliance: Key Similarities and Differences You Should Know
- HIPAA and PCI Compliance: The Overlap and Distinctions
- 7 Essential Questions to Ask Your HIPAA Hosting Provider
- What Your CISO Needs to Know About HIPAA
- Tracking Compliance Through Phase 2 HIPAA Audit Programs
- Your HIPAA Compliance Checklist
- The HITRUST and SOC 2 Alignment Improves Efficiency
- Finding Your Way in the New World of HIPAA/HITECH
- Category: HITRUST
- What Is a HITRUST® Interim Assessment?
- HITRUST® Scope: Factors to Determine HITRUST Engagement
- How HITRUST Validated and Readiness Assessments Are Scored
- What Is the HITRUST CSF? Learn How to Protect Data Security
- HITRUST Glossary of Terms within the Phases of HITRUST
- What Does It Mean to Be HITRUST CSF Certified?
- Overview of the HITRUST Quality Assurance Review Process
- Overview of the HITRUST CSF Validated Assessment
- HITRUST CSF Assessment Preparation Guide
- The Power of Gap Analysis & Remediation for HITRUST CSF Certification
- Your Essential Guide to the HITRUST CSF Certification Process
- Overview of the HITRUST CSF Readiness Assessment
- Streamline Your SOC Audit Using HITRUST CSF Built-In Control Categories
- The HITRUST RightStart Program: An Accelerated Path to Compliance for Startups
- Benefits of Having a CPA Firm Perform your HITRUST CSF Assessment
- HITRUST Shared Responsibility™ Program: Understanding CSP Security Control Coverage
- Organize an Information Risk Management and Compliance Program with the HITRUST CSF
- What to Know About the New HITRUST CSF v9.3: Effective January 1, 2020
- HITRUST CSF 90-Day Rules: Maturation and Assessment Period Review
- Bonding Industries Through HITRUST: How the HITRUST CSF is Expanding Beyond the Healthcare Industry
- What is the HITRUST CSF and How Can It Help Prevent Healthcare Data Breaches?
- I.S. Partners, LLC Obtains Approval as HITRUST CSF Assessor
- Category: Internal Audit
- Internal Control: 5 Key Principles of COSO Framework
- How Often Are Internal Audits Needed for Your Organization
- How to Choose an Internal Auditor
- Top 5 Benefits of an Internal Audit for Your Company
- Outsourced and Co-sourced Internal Audits: Which One Is Right for Your Organization?
- Why Organizational Readiness Assessments are Important
- Gap Analysis vs. Internal Audit: Which Evaluation Process Do You Need?
- Differences Between Risk Assessment vs. Internal Audit
- Learn More About Your Internal Auditor and 5 Things They Need for an Internal Audit
- Learn What Attestation, Assurance and Auditing Means in the CPA Industry
- Learn the ABCs of CISA
- Top Benefits Associated with Internal Audit Co-Sourcing
- Benefits of Using a Third Party Service for Medical Claims Audits
- Internal Control Audit of A Cloud Infrastructure
- Internal Audit: The Benefits of Inviting Outside Eyes In
- Category: ISO
- The Advantages of ISO 50001 Certification & Upcoming Changes
- ISO Audit Preparation: Get Ready for a Successful ISO Assessment
- The Difference Between ISO Compliance, Certification & Accreditation in Management Systems
- Four Good Reasons to Get ISO 27001 Certified
- Understanding Compliance – ISO 27001 and ISO 27002
- A Practical Approach to Asset Inventory for ISO 27001
- Implementing NIST Cyber Security Framework Using ISO 27001 Is an Organic Process
- What You Need to Know about ISO 27001 Changes Between 2013 and 2017
- ISO 27001 vs ISO 27002: Which Standard Is Best for Your Organization?
- 6 Steps to Help You Develop Your ISO 27001 Statement of Applicability
- Implementing an Information Security Management System That’s ISO 27001-Compliant
- A Commonsense Guide to the ISO 2700 Family of Standards
- Optimize Your Organization’s Information Security Management System
- Latest ISO 27001 Standards
- Category: MAR/SOX
- Category: NERC
- Category: PCI-DSS
- PCI DSS SAQ Types: Which Type Is Right for Your Business?
- PCI DSS 4.0: What Changes Can We Expect?
- Why Small Businesses Need the Data Security Essentials (DSE) Toolkit
- Don’t Think You Need PCI Compliance Documentation? Think Again!
- New Year, New Changes for PCI DSS and PA DSS
- How to Keep Employees and Your Organization PCI Compliant
- Is Your Server PCI Compliant?
- Changes Are on the Horizon from PCI SSC: Phasing Out PA-DSS v3.2 in 2022
- Utilizing the effectiveness of PCI DSS and NIST
- Facts and Misconceptions About PCI-DSS and PCI-DSS v3.2.1
- Alleviate Audit Anxiety with A Glossary Of PCI Terms
- What is a PCI ROC and Why Do You Need One?
- PCI Non Compliance Fines & Consequences
- PCI DSS Version 3.2.1: What Do You Need to Know About the January 1, 2019 Update?
- PCI Compliance vs. PCI Certification
- 5 Myths and Misconceptions about PCI Compliance
- A Guide to Keeping Phone Orders PCI Compliant
- Do You Know Your PCI Compliance Level?
- How to Draft Policy & Procedure Documentation: PCI DSS Requirement 12
- An Important Question in Online Payments: Is PayPal PCI DSS Compliant?
- 5 Ways to Reduce Your PCI Scope to Streamline Efforts and Costs
- How to Prepare for and Ace Your Upcoming PCI Audit
- Experts Tips on How to Select a PCI-Compliant Service Provider
- The PCI DSS v3.2 Update and Penetration Testing: What You Need to Know
- Get Ready for the PCI DSS Version 3.2 Self-Assessment Questionnaires
- Prepare for the 2018 PCI DSS 3.2 Changes: A Compliance Resource
- The Latest Network Segmentation Guidance and How It Might Affect Your PCI DSS Scope
- PCI Security Standards Council Releases Best Practices for Securing E-Commerce
- Is Your Web Developer or Hosting Company Liable if Your Website is Not PCI Compliant?
- Getting Your Organization in Line with PCI V3.2 Updates
- The Web Developers Guide to PCI DSS Compliance
- Top 4 PCI Audit Tips for Collection Companies
- The Newest PCI SSC Updates
- I.S. Partners, LLC Certified as a Qualified Security Assessor to Perform PCI-DSS
- Category: Third-Party Risk Management
- Category: SOC Compliance
- An Overview of Complementary User Entity Controls
- Who Is Certified to Complete a SOC Audit?
- Try These Tips to Improve Your Reading and Understanding of SOC 1 and SOC 2 Reports
- Category: SOC 1
- A Checklist to Find the Right SOC 1 Audit Provider
- How To Prepare for a SOC Audit
- 9 Steps to Prepare for a Smooth and Effective SOC 1 Audit
- Tips for Reading and Interpreting a SOC Report with Confidence
- SOC 1 and SOC 2 Reports – Do You Know The Difference?
- 5 Reasons Data Centers Need a SOC 1 Audit Report
- Prepare A Complete and Effective Written Assertion for Your Upcoming SOC 1 Audit
- How to Write a Strong System Description for SOC 1
- The Best SOC 1 Reporting Approach for Subservice Organizations and Vendors
- How to Reduce Your E&O Insurance Premium with a SOC Audit
- Understand the Difference Between SOC 1 Type 1 & 2 Reports
- Category: SOC 2
- Are Pen Tests & Vulnerability Scans Needed for SOC 2 Report Compliance?
- Building a Strong SOC 2 Team
- Our Guideline of a SOC 2 Timeline: Know What to Expect
- A No-Nonsense Guide to SOC 2 Data Classification
- SOC 2 Readiness Testing Is an Invaluable Tool for Service Organizations
- 4 Important Areas of Security Practice Critical to SOC 2 Compliance for Your Organization
- What Do SOC 2 Reports Mean to Managed Service Providers?
- SOC 2 Audits: What They Are and How to Stay Compliant, Part 2 of 2
- Getting Up to Speed with Trust Services Criteria Updates and Additions
- Simple Ways to Determine When to Include Processing Integrity into Your SOC 2 Audit
- 3 Need-To-Know Details About the SOC 2 Audit and AT Section 101
- Category: SOC 3
- Category: SOC for Supply Chain
Whitepapers
- The Complete Guide to Enterprise Risk Management
- The Complete Guide to GDPR Compliance [White Paper]
- Preparing for the Upcoming 2018 SOC 2 Changes
- Moving Your Organization from SSAE 16 to SSAE 18
- What You Should Know About HITRUST Compliance Before Moving to the Cloud
- Talking to Your Business Associates About HITRUST™
