5 Critical Things to Consider When Choosing Your Penetration Tester

by Sarah Harvey / December 16, 2022

Have you been asked by a client to undergo penetration testing? Do you want to ensure the security of your critical systems? Getting the most out of your investment in penetration testing means that you must perform your due diligence and make sure that the penetration tester you’ve hired can deliver quality, thorough penetration testing services. How can you do that? By taking the following five things into consideration when…

What is a HITRUST Interim Assessment?

by Sarah Harvey / June 14, 2023

If you’re new to the HITRUST CSF® assessment process, you might be wondering just how different the audit process is from other audits. The requirement of the interim assessment is one of the main ways that HITRUST® certification is unique. What happens during this interim review? Let’s take a look at what you can expect during a HITRUST interim assessment. Overview of the HITRUST CSF Assessment Process The HITRUST CSF…

3 Objectives of the COSO Framework and SOC 1

by Joseph Kirkpatrick / April 5, 2023

SOC 1 and the COSO Framework If you’re new to the SOC 1 audit process, you might be wondering what framework is used to evaluate the effectiveness of internal controls. This would be the Committee of Sponsoring Organizations of the Treadway Commission, or COSO Internal Control – Integrated Framework. This framework is one of the most common frameworks used to design, implement, maintain, and evaluate internal controls. It outlines three…

Breach Report 2019 – June

by Sarah Harvey / December 16, 2022

Regardless of the size or industry of organizations, every month there is headline after headline about new data breaches. Whether it’s a ransomware attack, a negligent employee opening a phishing email, or a state-sponsored attack, millions of individuals are impacted by data breaches and security incidents on a regular basis. Let’s take a look at some of the top data breaches that occurred during June and the lessons learned from…

What Makes a SOC 2 Audit Successful?

by Sarah Harvey / June 14, 2023

What happens after you receive your SOC 2 report? You’ve just used many resources – maybe even some that you were strapped to allocate – to go through a gap analysis, remediate the findings, and then begin the SOC 2 Type I and/or Type II audit. It’s a massive project that you should be proud to finish…but what now? What makes a SOC 2 audit successful? How do you make…