Reciprocity

DECEMBER 21, 2022

If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certification are the goals of a SOC 2 audit. The SOC 2 compliance audit gives them that assurance. Develop a SOC 2 Audit Framework. What is SOC 2?

Audit 52

Audit Gap Analysis Security Cybersecurity 52

Reciprocity

OCTOBER 1, 2022

The ISO 27001 standard for management of information systems helps organizations of any size to manage the security of data assets such as employee information, financial information, intellectual property, and third-party information. 5 – Information Security Policies. 7 – Human Resource Security.

Gap Analysis 52

Gap Analysis Audit Security Asset Management 52

Reciprocity

DECEMBER 21, 2022

If using an ISO audit software tool to achieve ISO certification is on your compliance roadmap, here’s a quick primer to get you up to speed and jumpstart your ISO compliance efforts. The ISO 27001 family, published by the International Organization for Standardization, includes a set of standards for information security.

Audit 52

Audit Accreditation Gap Analysis All-Hazards 52

Reciprocity

DECEMBER 27, 2022

To succeed, a business is well advised to use a dedicated GRC tool; the right one allows you to stay aware of your organization’s risk posture, align your business and strategic objectives with information technology, and continually meet your compliance responsibilities. Audit management. Clear Organizational Hierarchy.

Government 52

Government Audit Risk Management Disaster Recovery 52

Reciprocity

DECEMBER 19, 2022

Or if you’re a healthcare provider offering tele-medicine and accepting credit card payments, you need to implement controls protecting both electronic personal health information (ePHI) and cardholder information. Set up a mechanism for monitoring and auditing. Elements of a Strong Compliance Program.

Audit 52

Audit All-Hazards Gap Analysis Healthcare 52

Fusion Risk Management

JANUARY 5, 2023

The DORA unifies ICT-related (information and communications technology) incident management processes by introducing a standard incident classification methodology with a set of prescriptive criteria (including the number of users impacted, duration, geographic spread, data loss, impact to ICT systems, and criticality of services affected).

Resilience 52

Resilience Financial Services Audit Outsourcing 52

Fusion Risk Management

AUGUST 18, 2022

The key difference between the DORA and other resilience requirements is that its focus is on Information and C ommunication T echnology ( ICT ) risk. For more information, contact your Account Manager or check out Fusion’s recent webinar on technology and data resiliency.

Resilience 52

Resilience Authorization Gap Analysis Risk Management 52