Video Archives

PCI Requirement 10 – Track and Monitor all Access to Network Resources and Cardholder Data

by Randy Bartels / May 31, 2023

Importance of Logging and Tracking If data was compromised at your organization, how would you determine the cause? PCI Requirement 10 focuses on a critical aspect of data protection: logging and tracking. Implementing logging mechanisms at your organization gives you the ability to track user activities, which is crucial in preventing, detecting, and minimizing the consequences of a data breach. Without logging and tracking, it’s even more difficult to…

What is a Risk Assessment? – Learn The 5 Steps to a Risk Assessment

by Joseph Kirkpatrick / April 12, 2023

What is the Purpose of a Risk Assessment? Most information security frameworks require a formally documented, annual risk assessment. You will see this requirement over and over again in your pursuit of SOC 1, SOC 2, PCI DSS, HIPAA, or HITRUST CSF compliance. But what exactly is a risk assessment and why is it so important to information security frameworks? Let's find out. What is a Risk Assessment? A risk…

Understanding Your SOC 1 Report: The 5 Components of Internal Control

by Joseph Kirkpatrick / February 9, 2023

What are the Components of Internal Control (CRIME)? The framework utilized for a SOC 1 audit is known as the COSO Internal Control Framework. It’s one of the most common models used to design, implement, maintain, and evaluate internal control. To have an effective system of internal control, the COSO framework requires that service organizations have the defined components of internal control present, functioning, and supporting business and internal…

Understanding Your SOC 1 Report: The 3 Objectives of COSO

by Joseph Kirkpatrick / December 20, 2022

What is the COSO Internal Control Framework? The framework utilized for a SOC 1 audit is known as the COSO Internal Control Framework. The COSO framework is one of the most common and important models used to design, implement, maintain, and evaluate internal control. It’s regarded as the definitive model against which organizations determine the effectiveness of their internal control. The COSO framework was established in 1992, but updated in…

SOC 2 Report Criteria and FAQs

by Joseph Kirkpatrick / December 20, 2022

SOC 2 FAQs When a client pursues a SOC 2 audit for the first-time, they normally ask: What are the requirements of a SOC 2 audit? How are we going to be judged? What can I do to prepare? Which Trust Services Criteria should I select? KirkpatrickPrice strives to be your audit partner and will work with your organization to answer each of these SOC 2 FAQs. Preparing for a…

Blog

Video

PCI Requirement 10 – Track and Monitor all Access to Network Resources and Cardholder Data

What is a Risk Assessment? – Learn The 5 Steps to a Risk Assessment

Understanding Your SOC 1 Report: The 5 Components of Internal Control

Understanding Your SOC 1 Report: The 3 Objectives of COSO

SOC 2 Report Criteria and FAQs

Categories

Newsletter

Learn what you need to get started with our Audit Readiness Guide.