10 Ways to Conduct Patch Management

by Sarah Harvey / December 16, 2022

Like with all software and technology, there are bound to be vulnerabilities found and updates needed to be made. For this reason, organizations must have a patch management plan in place. But for many entities who are just starting to create their information security management plan, or who lack the experience, personnel, or resources needed to execute patch management, they’re likely asking the basic questions like: What is patch management?…

Combining SOC 2 and PCI Audits

by Sarah Harvey / April 12, 2023

We get a lot of questions about SOC 2 and PCI audits. Should your company do both? Are you able to consolidate multiple audits into one project? KirkpatrickPrice has developed the Online Audit Manager to make it easier to combine multiple audits into one project. Let’s talk through why and how you would take on the project of a combined SOC 2 and PCI audit. What are SOC 2 and…

Online Audit Manager

Achieving SOC 2 and HIPAA Compliance with the Online Audit Manager

by Sarah Harvey / September 6, 2023

Multi-Audit Delivery for ProntoForms Because of the complexity of today’s security threats, many organizations must pursue multiple compliance goals to protect their systems. Take ProntoForms, a low-code application platform that helps users deploy field apps to reliably complete field work and collect data that bolsters field service, fleet, safety, and asset management systems. ProntoForms’ users are often in environments with complex equipment and processes, like hospitals, construction sites, heavy manufacturing…

Data Backup Best Practices: 4 Things You Need to Know

by Sarah Harvey / June 14, 2023

Data Backups and Recovery Go Hand-in-Hand When a data breach happens at your organization - whether you’re hit by a ransomware attack, an advanced DoS attack, or an internal actor mistakenly deletes company records - you need to ensure that your data is properly backed up. A data backup is an updated copy of your company’s data that is stored in a separate system or medium (i.e. file, hard drive,…

The SOC Audit Process: Tackling Type I and Type II Reports

by Sarah Harvey / June 13, 2023

So you’ve decided whether you need a SOC 1 or a SOC 2 audit…what’s next? You need to decide where you’ll begin the SOC audit process. With a gap analysis? What are the SOC report types? A Type I? A Type II? Let’s discuss KirkpatrickPrice’s method for completing Type I and Type II audits. SOC Report Types: Type I and Type II FAQs No matter the SOC report types needed…