Using the Online Audit Manager to Complete Multiple Audits

by Abigail Raley / February 5, 2024

When completing multiple audits, it’s easy to become overwhelmed. You want to make sure that you’re taking the necessary steps to succeed, but you find yourself answering the same questions across multiple audits, using compliance tools that aren’t actually helpful, and working with multiple firms to meet all of your security and compliance needs. You want a quality audit across multiple frameworks, for yourself or your clients’ peace of mind.…

Conducting Incident Response Plan Table Top Exercises

by Tori Thurmond / July 10, 2023

So, your Incident Response Plan looks good on paper – it’s been mapped, planned, and documented. But has it been tested? Will it actually work? According to the 2022 IBM Cost of a Data Breach Report, organizations that had an incident response (IR) team in place and tested their incident response plan had an average of $2.66 million lower breach cost than organizations without an IR team and that didn't…

Notes from the Field: CIS Control 6 – Access Control Management 

by Greg Halpin / June 22, 2023

Greg Halpin continues the Center for Internet Security (CIS) Controls series by discussing the sixth CIS control. To refresh your memory, the CIS Controls are 18 critical information security controls that all organizations and information security professionals should understand and implement to protect their networks, systems, and data from attackers.    The CIS overview for Access Control Management is - Use processes and tools to create, assign, manage, and revoke access…

Notes from the Field: CIS Control 2 – Inventory and Control of Software Assets 

by Greg Halpin / June 22, 2023

Many of the clients I work with are startup companies that have amazing technologies and services but don't have mature information security programs in place. They often don't know which information security framework to follow or how to implement them. Some frameworks are either too vague or too long and detailed to be useful. That's why I recommend the CIS Controls to my clients to help them get started on…

5 Elements of a Quality Audit

by Tori Thurmond / February 5, 2024

You deserve an audit that accurately reflects the quality of your organization. We know that you deliver quality to your clients every day, and you need to work with an auditing firm that will deliver the same to you. However, knowing exactly what to look for to ensure a quality audit can be overwhelming. With some of the bigger firms claiming to have the best and fastest platform, it can…