Why Fintech Should Focus on Availability

by Sarah Harvey / June 13, 2023

Robinhood, an investing and trading platform, experienced every startup’s nightmare: service outages at a crucial time, leaving frustrated customers unable to trade. TechCrunch explains, “It’s perhaps the worst-timed bug in the history of the seven-year-old company, because it coincided with one of the biggest single-day gains in the history of the Dow Jones Industrial Average, and huge gains on the Nasdaq, as well. In all, markets gained $1.1 trillion in…

Writing a Change Management Policy

by Sarah Harvey / December 16, 2022

Policies and procedures are nothing new in the world of information security. One of the best things you can do to secure your environment is to develop detailed policies to keep your employees educated on the proper security processes that need to be implemented within your organization. Writing a change management policy is just one step you can take to better secure your organizational and IT systems. Every organization focuses…

Combining SOC 1, SOC 2, and PCI Audits

by Sarah Harvey / June 13, 2023

An organization may choose a combined SOC 1, SOC 2, and PCI audit for many reasons. First, there are compliance requirements. A PCI audit may be mandatory, but too narrow of a scope to be useful to user entities, so a SOC 1 or SOC 2 is needed. Second, there are logistical reasons. If you have to go through all three audits, why not consolidate the effort into one process?…

Internal vs. Third-Party Audits: Why You Need to be Leveraging Both

by Sarah Harvey / February 20, 2023

Internal Audits vs. External Audits Is an internal audit enough? Should you utilize both internal and external audits? This is an ongoing conversation in our arena. But at KirkpatrickPrice, we know that there is power in having both perspectives, especially when it comes to conquering your compliance goals. If you want to prove to your stakeholders that you’re willing to do everything you can to take control of the cyber…

Combining SOC 2 and HIPAA Audits

by Sarah Harvey / June 13, 2023

We get a lot of questions about SOC 2 and HIPAA audits. Should your company do both? Are you able to consolidate multiple audits into one project? KirkpatrickPrice has developed the Online Audit Manager to make it easier to combine multiple audits into one project. Let’s talk through why and how you would take on the project of a combined SOC 2 and HIPAA audit. What are SOC 2 and…