.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
A Detailed History of SOC 2 Compliance
by Rachel Hughes on July 2, 2024 at 12:30 PM
Security threats do not only come from bad actors online or suspicious links in an email. Have you considered the security threats posed by your organization’s closest entities – like vendors and partners? Third party service providers may unknowingly pose security threats to their co …
How Data Classification Can Combat Data Sprawl & Enhance Efficiency
by CJ Hurd on June 4, 2024 at 11:00 AM
Data sprawl is a pervasive issue in modern organizations, characterized by the uncontrolled and often chaotic growth of data across various systems and storage solutions. As businesses accumulate vast amounts of data, the challenges of managing, securing, and utilizing this informatio …
What to Look for When Choosing a SOC 2 Audit Firm
by Derek Boczenowski on May 23, 2024 at 9:30 AM
Selecting a SOC 2 auditor can be challenging for many business leaders. This significant financial commitment demonstrates your dedication to data security to your business partners and customers. With numerous audit firms vying for your SOC 2 business, what criteria should you consid …
CCPA vs. GDPR: A Comprehensive Comparison
by Andrew Paull on April 11, 2024 at 2:15 PM
Compliance laws such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR) were established to safeguard user data from unauthorized access and breaches. These laws are applicable to businesses involved in the collection, usage, or sharing of …
What Is a SOC 2 Report and Who Needs One?
by Derek Boczenowski on March 29, 2024 at 11:43 AM
In an era where data security and privacy are paramount, the SOC 2 report emerges as a critical tool for organizations that manage customer data. Tailored to ensure the safeguarding of information, a SOC 2 report not only enhances an organization's credibility but also solidifies its …
New CJIS Requirements: What You Need to Know
by Kelly O’Brien on March 20, 2024 at 2:45 PM
In a recent Compass IT Compliance blog, we delved into the fundamentals of the Criminal Justice Information Services (CJIS) Security Policy (CSP), its applicability, and the criticality of CJIS Compliance, terminology, and the thirteen policy areas applicable at the time of that writi …