Blog

7 Deadly Sins of a HITRUST CSF Assessment

by Shannon Lane / October 11, 2023

7 Deadly Sins of HITRUST At KirkpatrickPrice, we’ve worked with clients of all sizes – from startups to enterprise-level organizations. By working with so many organizations of varying sizes and industries, we’ve been able to identify seven primary pitfalls that make for a challenging audit environment, all of which represent initial difficulties that often lead to a failed or very drawn out HITRUST validated assessment attempts. In recognizing how significant…

Auditing Basics: Audit Risk, Control Risk, and Detection Risk

by Joseph Kirkpatrick / February 15, 2023

What Types of Risk Impact SOC 1 and SOC 2 Audits? SOC 1 and SOC 2 audits are largely impacted by various types of risk. During a SOC 1 and SOC 2 audit, an auditor will be focused on limiting the following types of risk: audit risk, control risk, and detection risk. So, how are those risks different? How to they affect an auditor while performing SOC 1 or SOC…

Secure Your City: Public Safety

by Sarah Harvey / June 14, 2023

The components of every city’s public safety – law enforcement, fire, EMS – must perform their due diligence and meet best practices when creating effective cybersecurity strategies. Each department is targeted for different reasons, but each one impacts the safety of residents. You’d be surprised by how often cyber attacks against public safety happens and how little it’s talked about. Let’s take a look at five reasons why cybersecurity is…

Where a Breach Happens: Threats to Financial Institutions

by Sarah Harvey / December 16, 2022

Securing Financial Institutions Every business has an asset that they can’t bear to lose, and for financial institutions, those assets include money, financial information about consumers, and consumers’ personal data. Financial institutions need personal data in order to verify financial information and protecting all of that data is a responsibility. In this white paper, we’ll discuss four major areas of concern that financial institutions must take into consideration when securing…

Auditing Basics: Carve-Out vs. Inclusive Vendors

by Joseph Kirkpatrick / February 15, 2023

During the initial scoping phases of an organization’s audit engagement, your auditor will partner with you to help you narrow down the third-party vendors to be included in your engagement. In order to ensure that your organization’s security posture is and remains strong, you need to consider the impact that the third-party vendors you’ve entrusted sensitive data with could have on your organization. This means that you’ll need to be…

7 Deadly Sins of a HITRUST CSF Assessment

Auditing Basics: Audit Risk, Control Risk, and Detection Risk

Secure Your City: Public Safety

Where a Breach Happens: Threats to Financial Institutions

Auditing Basics: Carve-Out vs. Inclusive Vendors

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.