Debt Collection and Audits for Collection Agencies

Debt collection agencies with sensitive data need to be familiar with how PCI, FISMA, SSAE 16/SOC 1 and SOC 2 apply to them. If you’re performing collections, you’re no stranger to regulatory compliance and the proactive supervision of government agencies such as the Federal Trade Commission (FTC), Consumer Financial Protection Bureau (CFPB), and the Office …

IT Regulatory Standards Are an Alphabet Soup

IT regulatory standards got you down? If you work in IT or IT compliance, you’ve probably heard of the “Alphabet Soup” of regulatory standards. Think SSAE 16, SOC 2, HIPAA, PCI DSS, FISMA, ISO 27001, and others, of course. However, what do they all really mean? Which one is right for me? …

CFPB Vendor Compliance Management

When it comes to CFPB vendor compliance, companies must “oversee” their vendors “in a manner that ensures compliance with Federal consumer financial law…The CFPB’s exercise of its supervisory and enforcement authority will closely reflect this orientation and emphasis,” according to the Consumer Financial Protection Bureau’s CFPB Bulletin 2012-3. An effective risk management strategy includes the …

Mastering a Risk Assessment

In light of the recent news of the data breach at Anthem Blue Cross/Blue Shield, risk assessment is our theme today. We welcome this guest post from our partner, KirkpatrickPrice…. Performing a Risk Assessment is a critical component of any Information Security Program. It’s mandated by several frameworks (SSAE 16, SOC 2, PCI DSS, …