.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
SAS 145 and IT General Controls: What Organizations Need to Know
by Bernard Gallagher on January 13, 2025 at 2:30 PM
The release of SAS 145 (Statement on Auditing Standards No. 145) represents a significant shift in how auditors evaluate and respond to the risks of material misstatements, particularly in complex IT environments. As IT General Controls (ITGCs) underpin key financial processes and rep …
Leveraging a Virtual CISO (vCISO) for SOC 2 Compliance
by Jeffrey Torrance on January 10, 2025 at 1:00 PM
In the rapidly evolving landscape of cybersecurity and data privacy, achieving and maintaining compliance with industry standards like SOC 2 is critical for businesses of all sizes. However, this process can be daunting, especially for organizations lacking the internal expertise or r …
Unlocking Higher Education Security: SOC 2 Compliance & Universities
by Jerry Hughes on January 6, 2025 at 3:27 PM
In an era where data security is paramount, universities find themselves grappling with the dual challenge of advancing academic research and protecting sensitive information. From personal student data to cutting-edge research, universities manage vast amounts of sensitive informatio …
Do SOC 2 Auditors Read and Review Code?
by Bernard Gallagher on December 26, 2024 at 1:04 PM
For organizations pursuing SOC 2 compliance, understanding the scope and focus of the audit process is crucial. A common question that arises is whether auditors review source code as part of the SOC 2 audit. Having clarity on this topic is essential, and organizations can benefit fro …
Why Year-End is the Perfect Time for Your SOC 2 Audit
by Jerry Hughes on December 13, 2024 at 3:06 PM
Conducting SOC 2 audits at year-end has strategic advantages, especially for companies looking to showcase a strong commitment to data security. For organizations, focusing on year-end audits can serve as a powerful differentiator. Here are five compelling reasons why year-end is a pe …
Year-End Audit Crunch: Preparing for SOC 2 When Everyone Else Is
by Jerry Hughes on November 13, 2024 at 4:46 PM
As the calendar edges toward year-end, companies everywhere ramp up their efforts to complete their SOC 2 compliance audits. This time of year often brings a rush to get SOC 2 attestation ready, and for those with ambitious end-of-year goals, timing and preparedness become critical. W …