by
Sarah Harvey / June 14, 2023
Are you a merchant, service provider, or sub-service provider who stores, processes, or transmits cardholder data? Going through a PCI audit for the first time? Your organization will need an individual who can help you maintain PCI compliance and provide you with a high-quality PCI audit. Who can do that? A Qualified Security Assessor (QSA). In fact, a QSA is the only individual who can deliver a PCI RoC for…
by
Sarah Harvey / December 16, 2022
In most healthcare settings, third parties are relied upon to provide secure offerings to assist covered entities in providing quality, secure healthcare services. Covered entities ultimately bear the responsibility of validating their third party security standards, however, covered entities often times still fall short in ensuring that business associates guard protected health information (PHI) against advancing cybersecurity threats. In one of the most recent cases, Quest Diagnostics, one of the…
by
Sarah Harvey / December 16, 2022
Have you been asked by a client to undergo penetration testing? Do you want to ensure the security of your critical systems? Getting the most out of your investment in penetration testing means that you must perform your due diligence and make sure that the penetration tester you’ve hired can deliver quality, thorough penetration testing services. How can you do that? By taking the following five things into consideration when…
by
Sarah Harvey / June 14, 2023
If you’re new to the HITRUST CSF® assessment process, you might be wondering just how different the audit process is from other audits. The requirement of the interim assessment is one of the main ways that HITRUST® certification is unique. What happens during this interim review? Let’s take a look at what you can expect during a HITRUST interim assessment. Overview of the HITRUST CSF Assessment Process The HITRUST CSF…
by
Joseph Kirkpatrick / April 5, 2023
SOC 1 and the COSO Framework If you’re new to the SOC 1 audit process, you might be wondering what framework is used to evaluate the effectiveness of internal controls. This would be the Committee of Sponsoring Organizations of the Treadway Commission, or COSO Internal Control – Integrated Framework. This framework is one of the most common frameworks used to design, implement, maintain, and evaluate internal controls. It outlines three…
