Jerry Hughes

Jerry Hughes, a founding member of Compass IT Compliance, LLC, has over 35 years of experience helping companies become compliant with internal, industry, and government regulations such as PCI-DSS, Sarbanes-Oxley, HIPAA, and GLBA. Mr. Hughes, a Certified Information Systems Auditor (CISA), Qualified Security Assessor (QSA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and Certified Data Privacy Solutions Engineer (CDPSE), has extensive IT auditing experience, especially within the financial industry and the retail sector. He holds an undergraduate degree in Applied Mathematics for Engineers and a minor in Computer Science from the University of Rhode Island. Mr. Hughes has helped develop Compass IT Compliance, LLC into one of the nation's premier consulting firms in the areas of IT governance, assurance, security, and compliance services.

Posts by Jerry Hughes

Your Guide to Drafting a Data Retention Policy

Each day, organizations across the globe handle massive amounts of information, and ensuring it's managed securely, compliantly, and efficiently is no walk in the park. The nitty-gritty of data retention, from knowing how long to keep specific files to wading through a maze of regulat …

Addressing the Risks of Artificial Intelligence (AI)

Artificial intelligence (AI) is a tool with transformative potential across various domains. It can enhance medical diagnoses and bolster cybersecurity, improving decision-making and efficiency. Nevertheless, like any emerging technology, AI carries certain risks.

COVID-19: Is Management Asking the Right Questions?

What if you are the owner or manager of a business in today’s world? A few weeks ago, our world was turned upside down – to say the least. Management’s focus shifted from business as usual to figuring out how to keep employees safe and company doors open for business (in-person or vir …

Stop Running from Privacy! Use the NIST Privacy Framework

Take a look at your recent SOC 2 Type II Service Organization Audit, where there are five Trust Service Criteria (Security, Confidentiality, Processing Integrity, Availability, and Privacy). How about your last Health Insurance Portability and Accountability Act (HIPAA) Audit, where t …

The Coronavirus – Be Prepared!

The Centers for Disease Control and Prevention (CDC) is closely monitoring an outbreak of respiratory illness caused by the Coronavirus. This new virus was first identified in Wuhan, Hubei Province, China. Chinese authorities identified the new coronavirus, which has resulted in thous …

The FFIEC Gives the BCP Booklet a Facelift

From BCP to BCM: The Federal Financial Institutions Examination Council (FFIEC) Information Technology Examination Handbook (IT Handbook) is comprised of several IT booklets for use by examiners. In November of 2019, the FFIEC member agencies replaced the dated “Business Continuity Pla …
