PCI Readiness Series: PCI Requirement 11

by KirkpatrickPrice / December 19, 2022

PCI Requirement 11: Validating Your Security Program This session in our PCI Readiness series focuses on Requirement 11. This requirement requires regular monitoring and testing of security systems and processes, which validates an organization’s risk/threat management program and determines if it’s functioning correctly. To successfully validate your system, scans should validate your risk identification and risk ranking program. Internal scan results should be used to address risk through your risk…

Road to HIPAA Compliance: Training the Workforce

by KirkpatrickPrice / December 19, 2022

4 Key Elements of HIPAA Compliance Training This webinar discusses training your workforce for HIPAA compliance. You may feel some push-back or a lack of enthusiasm from your workforce about HIPAA training, but it may be helpful to remind them that training is not only required, but it’s the key to HIPAA compliance. An effective workforce training program makes an effective HIPAA compliance program. Although it’s a challenge, it is…

Selecting SOC 2 Trust Service Principles

by Sarah Harvey / February 7, 2023

Which Trust Services Criteria Do I Need to Include in my SOC 2 Audit? Once you’ve determined you are ready to pursue a SOC 2 audit report, the first thing you have to decide is which of the five Trust Services Principles (recently updated to Trust Services Criteria) you want to include in your SOC 2 audit report. SOC 2 reports can address one or more of the following categories:…

How Do I Become Compliant with PCI?

by Sarah Harvey / April 12, 2023

Becoming PCI Compliant for the first time can be an overwhelming undertaking if you are unsure of where to start. With approximately 394 controls, this comprehensive data security standard can be a large undertaking that is best tackled with expert assistance. The first step towards achieving PCI compliance is to have a Gap Analysis performed by a PCI expert. Working with a PCI expert will help you to understand all…

Why am I Being Asked about SOC 2 Compliance?

by Sarah Harvey / February 7, 2023

If you’re being asked about SOC 2 compliance for the first time, you may be wondering why. It’s becoming increasingly common for organizations to request that their vendors become SOC 2 compliant so they can ensure that the companies they are working with are appropriately protecting their sensitive information. Perhaps you’re a vendor of a larger organization who is being audited by a publicly traded company, or maybe you want…