By:
Ryan Mackie
June 13th, 2024
As the need for SOC 2 examinations continues to grow domestically as well as internationally, many organizations now either find themselves taking on more and more assessments or trying to appease a client base that requires a SOC 2 examination when the typical product or platform approach may not apply. When these situations crop up, we are seeing more adoption of what’s known as an enterprise services SOC 2 examination.
Payment Card Assessments | PCI DSS
By:
Matt Crane
June 11th, 2024
As of June 11th, PCI DSS v4.0.1 has been officially released. This update comes with several clarifications and adjustments to the previous version, ensuring more precise guidelines and addressing various implementation issues.
By:
Nisha Ellis
June 6th, 2024
Given the international reputation of ISO standards, ISO 14001 certification represents a great option for organizations seeking to prove their commitment to sustainability. To achieve certification of your environmental management system (EMS), however, you must meet the framework’s holistic requirements regarding environmental issues.
ISO Certifications | Artificial Intelligence
By:
Danny Manimbo
June 4th, 2024
The rapid pace at which artificial intelligence (AI) technology is developing and impacting several areas of our daily lives continues, and so do the concerns about the tech’s safety, privacy, and bias. As there’s no stopping the ongoing integration of AI, organizations are now wondering what they can do to ease those concerns, and the answer is simple: start with protecting your data.
Compliance and Certification | HDS Certification
By:
Robert Tylka
May 30th, 2024
Back in 2018, the French government introduced—by way of its Public Health Code (Article L.1111-8)—HDS certification, mandating that all entities hosting personal health data must successfully achieve certification. Now, in 2024, they’ve published a new HDS framework with changes, expositions, and removals of language that organizations affected will need to know in order to comply.
By:
Schellman
May 28th, 2024
Now that the deadline for the CISA Secure Software Development form is quickly approaching, organizations are working to ensure they get their attestation in order—that includes FedRAMP Cloud Service Providers (CSPs).
Healthcare Assessments | HIPAA
By:
Schellman
May 23rd, 2024
Perhaps believing they’re simply too small for the government to consider, some smaller healthcare providers will choose to either fly under the radar or hope that regulators of the Health Insurance Portability and Accountability Act (HIPAA) won’t notice their lack of correct processes and controls. However, this likely won’t work—in fact, over 55% of HIPAA fines in 2022 were levied against small practices.
Payment Card Assessments | PCI DSS
By:
Bill Soverns
May 21st, 2024
If you’re a newly hired CISO or Director for an organization that’s required to achieve and maintain PCI DSS, you may be wondering how and where you can get started so that you’re ready when it comes time for the assessment to begin.