.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
SOC 1 vs SOC 2 Reports - What's the Difference?
by CJ Hurd on September 1, 2023 at 3:00 PM
As the landscape of modern business shifts, one thing becomes clearer: outsourcing is not just a fleeting trend, but a strategic move adopted by companies across industries. With this increasing reliance on third-party services, there emerges an unprecedented need for more rigorous me …
Building a Privacy Culture This Data Privacy Week
by Brian Kelly on January 26, 2023 at 1:00 PM
In 2022, data privacy became a hot topic as consumers became more aware of how their data was being tracked and used by companies. This was partly due to the efforts of companies like Apple to educate consumers about their privacy rights.
Using the HECVAT to Measure Vendor Risk
by Brian Kelly on September 8, 2022 at 1:00 PM
Not a day goes by without a conversation about third-party risk management. Our clients are being bombarded in all directions; asked by regulators, auditors, their clients, and customers alike to complete third-party risk assessments (SIG, CAIQ, HECVAT).
PCI DSS v4.0 ROC Changes – Coming Now to an Organization Near You!
by Derek Boczenowski on August 17, 2022 at 3:30 PM
The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 is here! It has been released, the documents are available publicly for anyone who would like to read them, and forms for both the 900-pound level 1 Report on Compliance (ROC) and the Self-Assessment Questionnaires …
Cybersecurity Controls & Configurations – Are You Locking Your Doors?
by Geoff Yeagley on July 20, 2022 at 3:15 PM
Summertime is the peak time for people to go on vacation. The kids are off from school and the weather is finally nice in most of the country. When you go on vacation, no matter how far you travel, there are certain precautions that you take to ensure that your home is safe while you …
Ignorance Is Not Bliss When It Comes to Security Assessments
by Kelly O’Brien on May 6, 2022 at 4:00 PM
It is no surprise that bad actors constantly seek to take advantage of current events and changing circumstances to exploit vulnerabilities and gaps in the security of organizations across a myriad of industry verticals and sizes.