.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
What is TISAX Assessment Level 2.5 (AL 2.5)?
by CJ Hurd on January 8, 2025 at 2:21 PM
In the realm of automotive and industrial information security, TISAX (Trusted Information Security Assessment Exchange) plays a vital role in standardizing security assessments among partners and suppliers. One of its unique features is the concept of assessment levels, which determi …
Do SOC 2 Auditors Read and Review Code?
by Bernard Gallagher on December 26, 2024 at 1:04 PM
For organizations pursuing SOC 2 compliance, understanding the scope and focus of the audit process is crucial. A common question that arises is whether auditors review source code as part of the SOC 2 audit. Having clarity on this topic is essential, and organizations can benefit fro …
NIST AI Risk Management Framework Explained
by Jerry Hughes on December 20, 2024 at 11:00 AM
Artificial intelligence (AI) is transforming industries, but with its rapid adoption come risks that organizations must address to ensure safe and ethical use. The NIST Artificial Intelligence Risk Management Framework (AI RMF), developed by the National Institute of Standards and Tec …
10 Common Myths About SOC 2 Audits Debunked
by Jerry Hughes on December 18, 2024 at 1:00 PM
SOC 2 audits play a pivotal role in helping businesses showcase their dedication to safeguarding data and building trust with customers, partners, and stakeholders. However, misconceptions about the process often give rise to confusion, unwarranted stress, and inefficiencies that can …
Your SOC 2 Audit Is Complete – What Comes Next?
by Jerry Hughes on December 11, 2024 at 1:00 PM
Congratulations on achieving SOC 2 compliance! At Compass, we understand the effort it takes to meet the rigorous Trust Services Criteria and successfully navigate the audit process. Securing your SOC 2 attestation is a significant milestone, demonstrating your organization’s commitme …
Here's Why Your Car Dealership Needs Cybersecurity
by Nicholas Foisy on December 9, 2024 at 2:10 PM
In previous blogs, we’ve explored TISAX and the cybersecurity challenges facing the automotive supply chain. However, there’s another critical area in the automotive sector increasingly targeted by cybercriminals: auto dealerships. As the backbone of vehicle sales and services, dealer …