Jerry Hughes

Jerry Hughes, a founding member of Compass IT Compliance, LLC, has over 35 years of experience helping companies become compliant with internal, industry and government regulations such as PCI-DSS, Sarbanes-Oxley, HIPAA, and GLBA. Mr. Hughes, a Certified Information Systems Auditor (CISA), Qualified Security Assessor (QSA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and Certified Data Privacy Solutions Engineer (CDPSE), has extensive IT auditing experience, especially within the financial industry and the retail sector. He holds an undergraduate degree in Applied Mathematics for Engineers and a minor in Computer Science from the University of Rhode Island. Mr. Hughes has helped develop Compass IT Compliance, LLC into one of the nation's premier consulting firms in the areas of IT governance, assurance, security, and compliance services.

Posts by Jerry Hughes

NIST AI Risk Management Framework Explained

NIST AI RMF

Artificial intelligence (AI) is transforming industries, but with its rapid adoption come risks that organizations must address to ensure safe and ethical use. The NIST Artificial Intelligence Risk Management Framework (AI RMF), developed by the National Institute of Standards and Tec …

10 Common Myths About SOC 2 Audits Debunked

SOC 2 Myths

SOC 2 audits play a pivotal role in helping businesses showcase their dedication to safeguarding data and building trust with customers, partners, and stakeholders. However, misconceptions about the process often give rise to confusion, unwarranted stress, and inefficiencies that can …

Why Year-End is the Perfect Time for Your SOC 2 Audit

SOC 2 Audit New Year's

Conducting SOC 2 audits at year-end has strategic advantages, especially for companies looking to showcase a strong commitment to data security. For organizations, focusing on year-end audits can serve as a powerful differentiator. Here are five compelling reasons why year-end is a pe …

Your SOC 2 Audit Is Complete – What Comes Next?

SOC 2 Audit Completed

Congratulations on achieving SOC 2 compliance! At Compass, we understand the effort it takes to meet the rigorous Trust Services Criteria and successfully navigate the audit process. Securing your SOC 2 attestation is a significant milestone, demonstrating your organization’s commitme …

What Is a SOC 1 Audit? A Guide to the Report

SOC 1 Reports

When it comes to demonstrating trust and reliability to clients, few tools are as powerful as a SOC 1 report. These reports play a pivotal role in showcasing an organization’s commitment to safeguarding financial data and maintaining robust internal controls.

Why SOC 1 and SOC 2 Are Essential for Venture Capital (VC) Firms

Venture Capital SOC Audit

For venture capital (VC) firms, maintaining compliance and robust security across portfolio companies is essential to reducing risks and driving long-term value. SOC audits and tailored security assessments provide a structured approach to managing financial accuracy, regulatory deman …
