by
Sarah Harvey / December 16, 2022
Are you in the process of getting your annual audit performed? Are you preparing for your annual audit? We have compiled a list of the Top 10 Risks we most commonly find when auditing information security to help you better strengthen your own environment. Take a look at what our auditors have found to be common shortcomings and make sure you’re not making those same mistakes at your organization. 1.…
by
Sarah Harvey / December 16, 2022
SOC 1 (formerly SSAE 16) is the most commonly used means of third-party attestation. Have you been asked about a SOC 1 audit? Are you interested in learning more about how you can ensure SOC 1 compliance? The following webinar provides an informative overview of the SOC 1 framework along with SOC 2, HIPAA, PCI, and FISMA. What Does a SOC 1 Audit Include? SOC 1 is an audit…
by
KirkpatrickPrice / December 16, 2022
This session in our PCI Readiness Series focuses on PCI DSS Requirements 3 and 4, which focus on encryption and protecting cardholder data. PCI Requirement 3 states, "Protect stored cardholder data." PCI Requirement 4 states, "Encrypt transmission of cardholder data across open, public networks." What is Requirement 3? PCI Requirement 3 gives organizations an opportunity to consider which retained data is required and which is becoming a liability for…
by
Sarah Harvey / June 15, 2023
Why is an internal audit program important? The CFPB Examination Manual has become the ruling guidance for those in the collections space, and internal audit is a topic that can’t be taken too lightly. According to the manual, an effective compliance management system should have four interdependent control components: Board and management oversight Compliance program Response to consumer complaints Compliance Audit When these four control components are strong and well-coordinated,…
by
Sarah Harvey / June 14, 2023
Last week, we explored the process of writing effective policies. This week we will take a look at what goes in to writing effective procedures; the policy counterpart. Procedures are the process or task instructions on how, exactly, a policy is followed. They communicate the responsibility for a task or a process. Where a policy defines the rule as a guide to employees making decisions and mandatory rules that require…
