Sitemap

Posts by category

• Category: Auditing Standards
  • How Automation Became a Critical Tool in Cybersecurity Compliance 
  • 3 Steps to Creating a Successful Continuous Auditing Process
  • A Guide to Data Center Audits & Reports for a Variety of Industries and Specialized Requirements
  • Our Commitment to You: How We’re Expanding to Better Serve Our Clients in 2019
  • SSAE No. 21: New AICPA Engagement for ‘Direct Examination’
  • Category: SSAE 18
    • Subservice Organizations & SSAE-18: The Carve Out vs. The Inclusive Method
    • Attestation Matters Regarding SSAE 16 and the New Release of SSAE 18
    • What Is Required for Your SSAE 18 Reports?
  • Category: SSAE-16
    • The New World Created by SSAE 16
• Category: Company News
  • Points Worth Repeating: Best Blogs of 2019 and Tips for 2020
  • Coronavirus Outbreak: Keeping Auditing & Compliance on Track with Remote Working
  • Category: Automation
    • The Future of ISMS Demands Automation 
    • The Five Types of Testing Methods Used During Audit Procedures 
    • The Rising Cost of Compliance and How to Optimize Efforts 
  • Category: Remote Auditing
    • Work from Home SOC 2: Overcoming Cyberattack Challenges
    • You Don’t Actually Need to Hire a Compliance Officer 
• Category: Cybersecurity
  • How the Energy Sector Should Prepare for Cyber-Attacks
  • 100% Remote: IT Security Assessments & Compliance Attestations
  • What Is SOC for Cybersecurity?
  • COSO’s 2013 Framework- A New Standard for Internal Control
  • The NIST CSF Update: Everything You Need to Know to Get Up to Speed
  • Outsourcing IT Security vs. Hiring an In-House Specialist
  • Why Your IT Company Needs a Security Audit Partner
  • Prepare for the Increasingly Expanding Responsibilities of the Chief Risk Officer
  • Security Surprise: Enforcing Regular Password Changes Puts Your Organization at Risk
  • Labor Shortage & Other New Threats Emerge Going Towards 2022
  • The Top 5 Cybersecurity Challenges Facing Financial Service Institutions
  • IT Security Challenges in Healthcare During the COVID-19 Pandemic
  • 12 Commonly Asked Questions About CIS Controls
  • Top 4 Types of Risk Impacting Manufacturing Companies
  • The Most In-Demand Certifications for IT Professionals
  • Understanding the EU Cybersecurity Act and Its Effect on Businesses
  • Would My Organization Benefit from the Utilization of a Third-Party Managed Security Service Provider?
  • Cybersecurity Post-Pandemic: Protecting Health Data from Rising Threats
  • How Can The COSO Framework Improve Your Organization’s Internal Controls
  • The NIST Cybersecurity Framework: An Introduction to the 5 Functions
  • Cybersecurity: Is SOC or SOC 2 Right for Your Needs?
  • Why Compliance Isn’t Enough to Protect Your Organization  
  • Category: Cloud Security
    • CSA Cloud Controls Matrix: Why It Is Important When Working With The Cloud
    • Webinar: “Overview of Cloud Basics”
    • Keep Data Safe with the Right CSP Audit
    • Pandemic Increases Urgency for Moving to the Cloud
    • Coming Soon: A Single Track to EU Cybersecurity Certification in the Cloud
    • What is the CLOUD Act and Can It Impact Your Business?
    • Protecting Patients’ Records, Maintaining Compliance, and Transforming Healthcare in the Cloud 
  • Category: Cybersecurity Training
  • Category: Data Mining
    • Explore the Process of Data Mining to Discover the Best Techniques
  • Category: Data Security
    • Top Mistakes to Avoid When Creating a Data Retention Policy  
    • Why Healthcare Security Is A Must
    • Why Small Business Security Matters for Your Large Corporation
    • Virtual CISOs Are In Hot Demand: Here’s Why
    • How to Expand Mobile Device and Remote Work Security
    • Do You Do Business in Nevada? Here’s What You Need to Know About Security
    • The Future of Cybersecurity Regulations: March 1, 2017 New York DFS Changes
    • Ransomware Dominates the Threat Landscape in 2022
    • The WannaCry Ransomware String of Attacks: What Is the Story?
    • 5 Factors to Consider Increasing Reliance on Big Data
    • 6 Tips to Segment a Network to Better Protect Your System
    • Protecting Personally Identifiable Information (PII)
    • Try These 5 Steps to Complete a More In-Depth Threat Assessment
    • What You Need to Know about the CMMC 
    • University Network Security Is Now More Important Than Ever
    • The Massachusetts Data Protection Act: Tightening Up Individual State Data Privacy Laws
    • What Is the FTC Red Flags Rule and Who Must Comply?
    • Data Security for Your Mobile Device
  • Category: Network Security
    • Why Do You Need a Network Security Checklist?
    • How to Respond to a Data Breach
    • Safeguard Company Data: 7 Vital Tips to Increase Password Protection
    • A Cybersecurity Checklist to Get You into the Holiday Spirit
    • COBIT & Val IT – How These Frameworks Help Your Business
    • Guard Your Company’s Computing System from Ransomware
    • What are Webtrust and Systrust?
    • New Year’s Resolutions for Better Data Security in 2016
    • How Often Should You Have Your Database Updated?
    • The 5 Top Data Breaches of 2015
    • Preparing for Cybersecurity in 2016
  • Category: NIST Assessments
    • Tips for Preparing Your Next NIST Risk Assessment
    • About NIST SP 800-53 | What You Need to Know to Maintain Compliance
  • Category: VCISO
• Category: Healthcare Compliance and Risk Mitigation
  • How Do Internal Audits Work?
  • Privacy vs. Confidentiality in a SOC 2: Do You Know the Differences?
  • 10 Security Essentials Your CIO Needs to Know for Peace of Mind
  • SOC 2 vs. ISO 27001 & 27002: Which is Right for your Company?
  • Identifying Common Compliance Misconceptions
  • 2017 CPA Exam: Changes to Skill and Content Specifications
  • Establish an Effective Internal Control Environment That Reflects Your Organization’s Values
  • IRS-1075 Compliance Tips for Your Organization
  • Offsite Backup and Disaster Recovery for HIPAA Compliance in 2021
  • Auditing Exceptions and How They Might Impact Your SOC Reports
  • Implement a Few Simple Tips To Ensure Year-End Compliance
  • Fine Tune Your Compliance By Better Understanding Model Audit Rule Requirements
  • Compliance Issues That Your Insurance Company Should Know
  • Prevent Internal Fraud With Awareness and a Solid Strategy
  • New Compliance Challenges in 2022
  • Is Joint Commission Accreditation Right for your Healthcare Brand?
  • 3 Key Steps for Creating a Unified Control Framework to Simplify Compliance
  • The Continuing Expansion of the Insurance Compliance Officer Role
  • Understanding MARS-E Compliance: Health Insurance Exchanges Security
  • Make Sure Your Team Is Meeting Compliance Controls & Processes
  • How to Best Communicate Your Security and Compliance Requirements to Potential Business Clients & Partners
  • It’s Been A Tough Year For Healthcare Data Breaches 
  • SSAE 18 Audits Allow Customers to Trust a Payroll Company’s Services
  • Category: Agreed Upon Procedures
    • Agreed-Upon Procedures vs. SOC 2 Audits: Which One Do You Need?
  • Category: California Consumer Privacy Act
    • A Comparison of GDPR and CCPA
    • California Consumer Privacy Act: What You Need to Know About This New Legislation
  • Category: Disaster Recovery
    • Business Continuity & Disaster Recovery Plans: Why It’s Critical to Update
    • How Internal Auditors Lead Disaster Recovery Planning
    • How to Reduce Risk When Working with Healthcare Business Associates
    • Disaster Recovery Terms Glossary
    • Everything You Need for Your Next Disaster Recovery Audit
    • What a Business Continuity Plan Is and Why You Need One Right Away
  • Category: Enterprise Risk Management
    • IT Incident Response Plan: Key Steps to Implement
    • Business Leaders Eye Rising Enterprise Risk in 2021
    • What Regulations Are on the Horizon for Fintech Companies? 
    • Internal Auditor’s Expanding Role in Enterprise Risk Management
    • The Crucial Role of Ethics in IT Security and Compliance
    • Third-Party Risk Management: The Essential Guide
    • Powerful Tools for Weighing Positive Risk & Negative Risk
    • Green Power Pass (GPP): The Benefits of Renewable Energy Certification
    • Risk Management, Risk Assessment or Risk Analysis: What’s the Difference?
  • Category: FISMA
    • Guidelines for Developing your Data Retention Policy
    • Are You Confident That Your Organization Is FISMA Compliant?
  • Category: GDPR
    • Achieve & Maintain Peak GDPR Compliance with These 5 Technology Solutions
    • GDPR Three Years Later: What Impact Has It Made?
    • Our Takeaways from the Extension to ISO/IEC 27701:2019 – Will ISO 27701 Be the New GDPR Certification Standard?
    • Will the U.S. Adopt a Nationwide Data Privacy Law Similar to GDPR?
    • The Only GDPR Compliance Checklist that You Need
  • Category: GLBA
    • Learn More About the GLBA Risk Assessment Matrix
    • Learn About the Types of Institutions That Benefit from a Successful GLBA Audit
    • Essential Guide to GLBA Compliance & Audits
  • Category: HIPAA/HITECH
    • HIPAA-Compliant Telehealth: Avoiding HIPAA Violations During A Pandemic
    • HIPAA Compliance & Cell Phones: Staying Compliant While Staying Connected
    • Do You Know the Difference Between HIPAA Privacy and Security Rules?
    • The 4 Most Common Compliance Risks and How to Avoid Them
    • Should HIPAA Audit Logs be Kept for 6 Years?
    • Which Matters More: HIPAA or State Law?
    • Benefits of Combining PCI and HIPAA Compliance Efforts
    • The Importance of Disaster Recovery for Healthcare Organizations and HIPAA Compliance
    • Top 5 Most Trusted, HIPAA-Compliant Cloud Storage Services
    • HIPAA Compliance for File Sharing in 2021
    • HIPAA Compliance Checklist + 3 Sure Ways to Show Adherence
    • What Is in a HIPAA Risk Analysis & Tips for How to Pass Your HIPAA Audit?
    • HITRUST® Guidelines for Setting HIPAA-Compliant Passwords
    • What Is the Direct Liability of Business Associates Under HIPAA Rules?
    • What Do We Mean by “Protected Health Information”?
  • Category: HITRUST
    • HITRUST Supports the TEFCA Program and QHIN Compliance  
    • HITRUST® Scope: Factors to Determine HITRUST Engagement
    • Overview of the HITRUST Quality Assurance Review Process
    • HITRUST Shared Responsibility™ Program: Understanding CSP Security Control Coverage
    • What Does It Mean to Be HITRUST Certified?
    • What Is a HITRUST® Interim Assessment?
    • Combining HITRUST® and SOC 2 Makes Compliance More Efficient
    • Benefits of Having a CPA Firm Perform your HITRUST CSF Assessment
    • HITRUST Glossary of Terms within the Phases of HITRUST
    • What to Know About the New HITRUST CSF v9.3: Effective January 1, 2020
    • Security for Healthcare Organizations in the Cloud with HITRUST® Assurance
    • Overview of the HITRUST Validated Assessment
    • HITRUST CSF 90-Day Rules: Maturation and Assessment Period Review
    • Time to Talk to Your Business Associates About HITRUST CSF Certification?
    • How the HITRUST PRISMA Model Delivers ‘Rely-Ability’
    • How the HITRUST CSF is Expanding Beyond Healthcare in 2020
    • The Cost of HITRUST® Certification: Why It’s Worth It
    • The HITRUST RightStart Program: An Accelerated Path to Compliance for Startups
    • HIPAA vs. HITRUST: What are the Differences?
    • Quickly Evaluate Third-Party Business Partners with HITRUST® Risk Triage
    • What Is the HITRUST CSF? Learn How to Protect Data Security
    • How to Get HITRUST Certification in 4 Clear Steps
    • HITRUST Maturity is the Strongest Defense Against Data Breaches
    • Build a Risk Management Program with the HITRUST CSF®
    • Quiz: Is HITRUST CSF the Right Choice for Your Organization?
    • Streamline Your SOC Audit Using HITRUST CSF Built-In Control Categories
    • What is the role of the External Assessor for HITRUST?
    • The Power of Gap Analysis & Remediation for HITRUST CSF Certification
    • HITRUST Implemented, 1-year (i1) Validated Assessment Now Available: Why It’s a Better Option 
    • HITRUST CSF Assessment Preparation Guide
    • How HITRUST Validated and Readiness Assessments Are Scored
    • Preventing Healthcare Data Breaches with the HITRUST CSF®
    • Overview of the HITRUST CSF Readiness Assessment
    • HITRUST: New Assessment Options on the Way
    • I.S. Partners, LLC Obtains Approval as HITRUST CSF Assessor
  • Category: Internal Audit
    • Outsourced and Co-sourced Internal Audits: Which One Is Right for Your Organization?
    • How Often Are Internal Audits Needed?
    • Learn What Attestation, Assurance and Auditing Means in the CPA Industry
    • Combining Risk Assessments & Internal Auditing Services
    • Gap Analysis vs. Internal Audit: Which Evaluation Process Do You Need?
    • What Does an Internal Auditor Do?
    • Certified Information Systems Auditor (CISA): How Are They Qualified?
    • Benefits of Using a Third Party Service for Medical Claims Audits
    • Why Organizational Readiness Assessments are Important
    • Internal Control Audit of A Cloud Infrastructure
    • Internal Control: 5 Key Principles of COSO Framework
  • Category: ISO
    • Implementing NIST Cyber Security Framework Using ISO 27001 Is an Organic Process
    • What is the Difference Between ISO 27001 and ISO 27002?
    • How to Prepare for ISO 27001 Certification in 10 Steps
    • The Difference Between ISO Compliance, Certification & Accreditation in Management Systems
    • A Practical Approach to Asset Inventory for ISO 27001
    • Why Is ISO Certification More Popular Among U.S. Businesses?
    • The Advantages of ISO 50001 Certification & Upcoming Changes
    • 6 Steps to Help You Develop Your ISO 27001 Statement of Applicability
    • Are You Ready for ISO 27001:2022? 
    • Understanding Compliance – ISO 27001 and ISO 27002
  • Category: MAR/SOX
    • Ensuring Peak SOX Compliance for Your Organization
    • What Is a SOX Audit?
  • Category: NERC
    • NERC CIP and the Importance of Consistent Compliance
  • Category: PCI-DSS
    • What is a PCI RoC and Why Do You Need One?
    • Who is Liable for Your Website’s PCI Compliance? 
    • Alleviate Audit Anxiety with A Glossary Of PCI Terms
    • PCI DSS SAQ Types: Which Type Is Right for Your Business?
    • PCI Non Compliance Fines & Consequences
    • An Important Question in Online Payments: Is PayPal PCI DSS Compliant?
    • A Guide to Keeping Phone Orders PCI Compliant
    • I.S. Partners, LLC Certified as a Qualified Security Assessor to Perform PCI-DSS
    • Key Differences & Overlaps Between PCI and GDPR
    • Utilizing the effectiveness of PCI DSS and NIST
    • PCI DSS 4.0: What Changes Can We Expect?
    • How to Get Ready for a PCI Audit
    • Don’t Think You Need PCI Compliance Documentation? Think Again!
    • Experts Tips on How to Select a PCI-Compliant Service Provider
    • Why Small Businesses Need the Data Security Essentials (DSE) Toolkit
    • Do You Know Your PCI Compliance Level?
    • Is Your Server PCI Compliant?
    • Transition Expected in 2022 with the New PA-DSS Version
    • PCI Security Standards Council Releases Best Practices for Securing E-Commerce
    • Is Your Web Developer or Hosting Company Liable if Your Website is Not PCI Compliant?
    • The Latest Network Segmentation Guidance and How It Might Affect Your PCI DSS Scope
    • How to Keep Employees and Your Organization PCI Compliant
    • Get Ready for the PCI DSS Version 3.2 Self-Assessment Questionnaires
  • Category: Third-Party Risk Management
• Category: SOC Compliance
  • Do You Know How to Read and Interpret a SOC Report?
  • Who Is Certified to Complete a SOC Audit?
  • Focus on SOC: AT Section 101
  • An Overview of Complementary User Entity Controls
  • Category: SOC 1
    • 9 Steps to Prepare for a Smooth SSAE 18 Audit
    • SSAE 16 Checklist
    • How To Prepare for a SOC Audit
    • How to Find the Right SOC 1 Auditor: a Checklist
    • Understand the Difference Between SOC 1 Type 1 & 2 Reports
    • 5 Reasons Data Centers Need a SOC 1 Audit Report
    • How to Reduce Your E&O Insurance Premium with a SOC Audit
    • How to Write a Strong System Description for SOC 1
    • Prepare a Great Written Assertion for Your SOC 1 Examination 
    • The Best SOC 1 Reporting Approach
    • Why SOC 1 Is More Valuable than SOC 2?
  • Category: SOC 2
    • Frequently Asked Questions about the Trust Services Criteria (TSC)
    • What Do SOC 2 Reports Mean to Managed Service Providers?
    • What You Need to Know About SOC 2 for Cloud Security
    • SOC 2 Certification Timeline: 8 Steps to Solid Preparation
    • 4 Critical Practices for SOC 2 Security Compliance
    • Simple Ways to Determine When to Include Processing Integrity into Your SOC 2 Audit
    • Case Study: Compliance & Security Support for FinTech Startup
    • SOC 2 Audits: What They Are & How to Stay Compliant
    • Are Pen Tests & Vulnerability Scans Needed for SOC 2 Report Compliance?
    • SOC 1 and SOC 2 Reports – Do You Know The Difference?
  • Category: SOC 3
    • When Should You Consider a SOC 3 Audit?
  • Category: SOC for Supply Chain
    • Will Disruptions Make Supply Chains More Vulnerable to Attack?
    • Securing Operational Processes with SOC for Vendor Supply Chains
• Category: Uncategorized
  • How Blockchain Boosts Cloud Security