SOC 2 Common Criteria List: CC-Series Explained
by Jerry Hughes on October 4, 2024 at 2:30 PM
SOC 2, a widely recognized auditing framework developed by the American Institute of Certified Public Accountants (AICPA), is designed to assess the effectiveness of a service organization’s controls around data security. The SOC 2 report is based on the five Trust Services Criteria ( …
SOC 2 vs. NIST: A Comprehensive Comparison
by Jerry Hughes on October 2, 2024 at 1:00 PM
When comparing SOC 2 and NIST frameworks, it is essential to understand their respective roles in cybersecurity, compliance, and risk management. Both frameworks provide guidance for organizations seeking to protect sensitive data and ensure security, but they are designed with differ …
SOC 2 Password Requirements - A Simple Guide
by Jerry Hughes on September 24, 2024 at 3:45 PM
SOC 2 (System and Organization Controls 2) is a framework for managing and securing data based on criteria established by the AICPA (American Institute of Certified Public Accountants). It is used to assess and report on the controls of service organizations related to data securi …
Big vs. Small CPA Firms: Which Fits Your SOC 2 Needs?
by Jerry Hughes on September 17, 2024 at 1:00 PM
Choosing the right CPA firm for a SOC 2 audit is a crucial decision for any organization seeking to demonstrate its commitment to data security, availability, processing integrity, confidentiality, and privacy. SOC 2 (System and Organization Controls 2) reports are essential for servi …
What Platforms Are SOC 2 Compliant? Find Out Here!
by Nicholas Foisy on September 13, 2024 at 1:20 PM
SOC 2 compliance has become a critical benchmark for organizations handling sensitive customer data. For businesses looking to maintain trust and meet industry standards, SOC 2 compliance is often a non-negotiable requirement. The following article provides a breakdown of whether vari …
ISO 27001 vs. SOC 2: Discover the Differences
by Jerry Hughes on September 10, 2024 at 1:00 PM
ISO 27001 and SOC 2 are both essential frameworks for ensuring information security, but they are designed for different purposes and cater to several types of organizations. Understanding the answer to the question, “what is the difference between SOC 2 and ISO 27001?” is crucial for …