.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
What to Look for When Choosing a SOC 2 Audit Firm
by Derek Boczenowski on May 23, 2024 at 9:30 AM
Selecting a SOC 2 auditor can be challenging for many business leaders. This significant financial commitment demonstrates your dedication to data security to your business partners and customers. With numerous audit firms vying for your SOC 2 business, what criteria should you consid …
SOC 1 vs SOC 2 Reports - What's the Difference?
by CJ Hurd on September 1, 2023 at 3:00 PM
As the landscape of modern business shifts, one thing becomes clearer: outsourcing is not just a fleeting trend, but a strategic move adopted by companies across industries. With this increasing reliance on third-party services, there emerges an unprecedented need for more rigorous me …
Center for Internet Security (CIS) Controls V8 – What's New?
by Jeffrey Torrance on August 5, 2021 at 4:00 PM
With the advent of the novel Coronavirus and the subsequent lockdowns, companies were forced to innovate on how and where they did work. The workforce shifted from the familiar physical and logical boundaries of corporate offices to home offices that provided greater flexibility but a …
The Difference Between IT Risk Assessments and IT Audits
by Patrick Hughes on July 7, 2021 at 1:00 PM
While information technology (IT) risk assessments and information technology (IT) audits go hand in hand with one another, the two terms are often misused. There are quite a few key differences to note when it comes to IT risk assessments and IT audits and determining which is best f …
IT Audit: Because you know I'm all about that Scope, 'bout that scope.
by Jerry Hughes on March 20, 2017 at 10:00 AM
The term IT Audit is so often used and misused by IT and business professionals in all industries. According to Wikipedia, IT Audit is defined as, “an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence deter …
SSAE 16 SOC 2 Report: The 5 Trust Principles
by Geoff Yeagley on July 20, 2016 at 10:00 AM
Over the past several weeks, we have been digging in to the SSAE 16 SOC 2 reports. We have looked at what a SOC 2 report is, the differences between a Type I and Type II report, and why the Section III is so important. This week we are going to look at what are called the 5 Trust Serv …