Bernard Gallagher

Bernard Gallagher is the Senior Vice President at Compass Assurance Team, with over 30 years of expertise in IT security, compliance, and auditing. He has guided organizations across industries such as financial services, healthcare, and technology, helping them meet SOC 1, SOC 2, HIPAA, and HITRUST compliance standards while strengthening their security postures. As a compliance leader, Bernard has extensive experience with SOC 1, SOC 2, HIPAA, HITRUST, and Sarbanes-Oxley requirements, as well as IT security assessments, privacy audits, and enterprise risk management. He has also served as a Virtual Compliance Officer (VCO), helping organizations enhance their security posture and achieve regulatory compliance efficiently. His technical expertise spans network and application security, data encryption, disaster recovery, business continuity, and forensic analysis. With a Bachelor of Science from Drexel University, an MBA in IT Management, and certifications like CISSP and PMP, Bernard combines leadership and expertise to help clients achieve compliance and long-term success.

Posts by Bernard Gallagher

Selecting Your SOC 2 Type 2 Observation Period

Preparing for your first SOC 2 Type 2 audit—or planning your next—requires careful selection of a critical component: the observation period. This timeframe, also known as the monitoring period, audit period, or review window, defines when your organization's controls will be evaluate …

How Long Does a SOC 2 Audit Take to Complete?

At Compass, we frequently get asked, “How long does a SOC 2 audit take?” The answer depends on several factors—but having a clear understanding of the typical phases, timelines, and what influences the duration can help your organization prepare and plan accordingly.

Top Security Tools to Simplify Your SOC 2 Compliance Journey

Navigating the complexities of SOC 2 compliance can be a daunting task for businesses, especially when they need to establish secure, reliable, and repeatable processes. A comprehensive SOC 2 audit focuses on five key Trust Service Criteria: security, availability, processing integrit …

SOC 2 for Healthcare: A Compliment to HIPAA Compliance

In today’s digital healthcare landscape, protecting sensitive patient data is a top priority. Healthcare providers are tasked with safeguarding information in compliance with rigorous regulations such as the Health Insurance Portability and Accountability Act (HIPAA). However, achievi …

FinTech Security: How SOC 2 Drives Investor & Client Trust

In the world of financial technology (FinTech), trust is a currency as valuable as money. As startups and established firms alike strive to innovate, they must also prioritize protecting sensitive financial data. For FinTech companies, achieving SOC 2 attestation is more than a compli …

Aligning Zero Trust Principles with SOC 2 Trust Service Criteria

Achieving SOC 2 compliance requires organizations to implement rigorous security controls, and adopting a Zero Trust approach can significantly enhance this effort. Zero Trust is built on the principle of “never trust, always verify”, ensuring that access to systems, data, and applica …
