What You Need to Know About the ISO 27001 Revisions: A Webinar Recap

by Tori Thurmond / March 21, 2024

In October of 2022, the latest revisions to the ISO 27001 framework were published. Although there is still time to transition to the revised framework, this process can feel overwhelming, and the changes can seem confusing. That’s why we partnered with SDG for a webinar covering what you need to know about the updated ISO 27001 revision.   During the webinar, one of our expert auditors, Chris Paradise, and SDG’s Managing…

5 Internal Control Components using COSO Principles

by Joseph Kirkpatrick / January 15, 2024

Implementing Internal Controls for SOC 1 Compliance When an organization pursues SOC 1 compliance, they’ll be tested against the COSO Internal Control – Integrated Framework. This framework is one of the most common frameworks used to design, implement, maintain, and evaluate internal controls. For an organization to successfully complete a SOC 1 audit, they’ll need to meet the three objectives of internal control, demonstrate that they have the five components…

PCI DSS Compliance: What do PCI SAQ, AoC, and RoC Mean?

by Tori Thurmond / January 8, 2024

The Payment Card Industry Data Security Standard (PCI DSS) is a crucial security framework for businesses that handle cardholder data. Every business that processes, stores, or transmits cardholder data must comply with the framework and undergo an annual PCI DSS assessment to verify it complies.The nature of the assessment ranges from self-assessment to a full on-site PCI DSS audit by a Qualified Security Assessor (QSA). It’s critical that businesses understand…

What is an Audit Scope?

by Joseph Kirkpatrick / December 29, 2023

What is an Audit Scope and How Does it Impact an Audit? Knowing where your assets reside and which controls apply to them are critical for any organization. Why? This is the only way you can manage and secure them from a potential data breach or security incident. During the initial phases of a SOC 1 or SOC 2 audit, an auditor will walk you through defining the scope of…

8 Best Secure Coding Practices

by Tori Thurmond / December 27, 2023

When you hire builders to construct a new home, you expect them to take every precaution to ensure once you move in, you won’t find split beams, foundational errors, or holes in the walls. In the same way, software developers are expected to uphold secure coding practices to ensure they aren’t leaving any vulnerabilities open for hackers to exploit. What is Secure Coding? Secure coding standards govern the coding practices,…