Compass IT Compliance Blog / Vendor Management (2)

How Long Is A SOC 2 Certification Good For?

SOC 2 (System and Organization Controls 2) reports provide service organizations with a way to demonstrate their commitment to security, availability, processing integrity, confidentiality, and privacy. These reports provide assurance to clients and stakeholders that the service organ …

How Often Should a SOC 2 Report Be Updated?

Given the dynamic nature of cybersecurity threats and regulatory requirements, understanding the frequency of SOC 2 report updates is essential for maintaining compliance and ensuring continuous protection. In today's fast-paced landscape, organizations must be proactive in managing t …

Understanding SOC 2 Audit Opinions: An Auditor’s Perspective

Service Organization Control 2 (SOC 2) reports are relevant for service organizations to demonstrate their commitment to data security and the effectiveness of their internal controls. SOC 2 reports come with audit opinions provided by independent auditors, which offer insights into h …

Lessons Learned from the CrowdStrike Tech Outage

The recent global outage caused by CrowdStrike's faulty update has highlighted crucial lessons for organizations worldwide. By examining the factors that led to this disruption and understanding how to mitigate similar risks, organizations can enhance their resilience and ensure conti …

Nobody Is Exempt from Vendor Security Questionnaires

Increased supply chain and vendor breaches have underscored the critical importance of vendor security questionnaires for safeguarding organizational security. These questionnaires have emerged as essential tools for organizations to evaluate the security practices of their third-part …

What Are the 5 Trust Services Criteria (TSC) for SOC 2?

Adhering to industry standards is crucial for organizations that manage sensitive data and rely on robust information systems. The SOC 2 Trust Services Criteria (TSC) provide a comprehensive framework to ensure systems are secure, available, and reliable. This blog will explore the f …
