California Consumer Privacy Act vs. GDPR: What Your Business Needs to Know

by Sarah Harvey / December 22, 2022

Data Privacy and Security in the US: According to Pew Research Center, 64% of American adults have experienced data theft. Yahoo, eBay, Equifax, Target, Anthem, Home Depot – it has become habitual to worry about data breaches, identity theft, and other privacy concerns. With every new headline of a data breach, it seems like consumers are losing more control over what personal information is publicly available. At the same time,…

GDPR Readiness: Challenges for Organizations Outside of the EU

by Sarah Harvey / February 20, 2023

Although the EU’s General Data Protection Regulation (GDPR) enforcement deadline has passed, many non-EU organizations are still questioning what they need to do to ensure compliance. Do they need a designated representative? Where does their designated representative need to be located? Is a designated representative the same thing as a Data Protection Officer? Who do they need to notify that they have a designated representative? How do they do this?…

Why is Vendor Compliance Management Important for Your Business?

by Sarah Harvey / February 6, 2023

Vendor compliance management is the process by which organizations understand and control the risks associated with working with vendors, third parties, or business partners. If your organization utilizes vendors to conduct part of your business process – whether that be billing, customer service, data processing, etc. – the risks associated with that partnership could ultimately put you out of business. An effective risk management strategy includes a strategic process for…

SOC 2 Academy: Points of Focus

by Joseph Kirkpatrick / December 16, 2022

What is a Point of Focus? In the past, many organizations have struggled on their journey toward SOC 2 compliance because they lacked an understanding of what they needed to do to comply with the Trust Services Criteria. As such, one of the enhancements to SOC 2 reporting includes points of focus, which will assist organizations when they are designing, implementing, operating, and evaluating controls over security, availability, confidentiality, processing…

SOC 2 Academy: What’s New with SOC 2?

by Joseph Kirkpatrick / December 16, 2022

New Elements of SOC 2: In April 2017, the AICPA issued several updates to SOC 2 reporting. The most noticeable change is the revision from “Trust Services Principles and Criteria” to “Trust Services Criteria.” Other updates include points of focus, supplemental criteria, and the inclusion of the 17 principles from the 2013 COSO Internal Control Framework. Let’s take a look at how these principles will be used in a SOC…