Notes from the Field: CIS Control 15 – Service Provider Management 

by Greg Halpin / March 7, 2024

The client I was conducting a gap analysis for had an incredibly detailed Service Provider Management Policy. It required the company compliance team to conduct due diligence on all prospective service providers, including a risk analysis of each. The policy required the compliance team to review the prospective vendor's SOC 2 audit report and research the vendor's financial stability and reputation. The compliance team was to conduct annual reviews of…

SSAE 16 vs SSAE 18: Changes to SOC 1 Compliance Audits

by Hannah Grace Holladay / February 28, 2024

In April 2016, the American Institute of Certified Public Accountants (AICPA) made an important update to the attestation standards that will affect your next SOC 1 audit. Statement on Standards for Attestation Engagements (SSAE) No. 18, Attestation Standards: Clarification and Recodification provides changes to SOC 1 audits and how attestation engagements are categorized. Below, we explore the reason for this change and how the SSAE 18 affects you What is…

5 Risk Management Best Practices for Organizational Management

by Tori Thurmond / February 27, 2024

Every day, we continuously evaluate risks and decide how to prevent them from adversely impacting us. We foresee the possibility of something happening to our car, hence we buy insurance. We know the statistics of home break-ins, so we set up an alarm system and replace the locks. We see the forecast for rain and bring an umbrella when we leave the house. Similarly, every business organization also has risks…

The 5 Steps of Risk Management

by KirkpatrickPrice / February 26, 2024

Business risks are inevitable: some are chosen deliberately, and others are inherent. Starting a business involves selling products, hiring employees, gathering information, and creating systems. While these steps are crucial for success, they also carry risks. How can a business thrive if it fails to balance risk-taking with risk mitigation? Below, we define and explore the role and steps of risk management. (more…)

KirkpatrickPrice Serves the 15,000th User in the Online Audit Manager

by Lindsay Culbreath / February 26, 2024

Offering audit services, a readiness experience, and report management, the OAM is the only tool you’ll need to meet your compliance goals. NASHVILLE, TN, UNITED STATES, February 26, 2024 /EINPresswire.com/ -- Cybersecurity auditing firm KirkpatrickPrice has recently served the 15,000th user in its compliance tool, the Online Audit Manager. The Online Audit Manager (OAM), the world’s first compliance audit platform, allows organizations to start and complete their audit using mapping and streamlined evidence…