The Keys to a Successful Audit

by Tori Thurmond / January 10, 2024

An auditor can be seen as a nit-picky, negative, overly involved outsider coming into your environment, asking questions and looking for any control that’s insufficient. This mindset causes organizations to fear auditing and auditors, when in reality, an audit is a healthy habit and auditors are trained to help you better understand and protect your assets. Audits don’t need to be so intimidating. Instead, a successful, quality audit should include…

Auditor Insights: Where to Start with GDPR Compliance

by Mark Hinely / February 7, 2024

As GDPR becomes a more and more prevalent data privacy law, we want to give organizations four actions to start with when working towards GDPR compliance. These areas should help organizations understand what kind of personal data of data subjects that they have, where it goes, and what role (data controller or data processor) they fit into under GDPR. I chose the areas of data mapping, contract management, documentation review,…

Notes from the Field: Center for Internet Security Control 11 – Data Recovery 

by Greg Halpin / October 30, 2023

The client I was working with had undergone a management shakeup over the previous year. The CIO left and was replaced by someone who brought in several new managers. The result was a lot of IT and DevOps staff turnover. Many skilled staff who knew how everything worked at the company left amid the uncertainty. There were not enough senior people left to train all of the new hires. Without…

The Bleach Breach: How a Quality SOC 2 Audit Could Have Helped Clorox

by Tori Thurmond / October 12, 2023

Another day, another breach. There have been quite a few cybersecurity events breaking the news involving major companies lately—one of the notable events involving Clorox.   Back in August, the multibillion-dollar corporation discovered unauthorized activity in some of their IT systems. The organization enabled their business continuity plan (BCP), but was forced into processes that affected their production capacity. The product shortages resulted in the organization losing money each and every…

Rebuilding Trust After a Data Breach

by Hannah Grace Holladay / October 2, 2023

Threats are constantly evolving.  We know you want to be ready to face them, but what happens when you’ve already experienced a breach? How do you restore not only your business operations, but your reputation?    According to Pew Research Center, half of Americans feel that their personal information is less secure than it was five years ago. Even more so, 64% of American adults have experienced data theft via credit…