William DePalma

William DePalma

William DePalma is a founding member of Compass IT Compliance, LLC. With nearly two decades of experience working alongside organizations to address IT security and compliance challenges, William has played a key role in helping businesses navigate evolving regulatory requirements and cybersecurity risks. His leadership has been instrumental in the growth of Compass IT Compliance, guiding organizations in strengthening their security postures and meeting industry standards. In addition to his work at Compass IT Compliance, William was instrumental in the founding of Compass Cyber Guard and the Compass Assurance Team, affiliates dedicated to providing specialized cybersecurity and compliance solutions. Before co-founding Compass IT Compliance, William worked with Lighthouse IT Compliance Group, where he was deeply involved in supporting organizations with their compliance initiatives. His experience spans a range of industries, giving him valuable insight into the operational and security challenges that companies face today. William holds a Bachelor of Science in Business Administration from the University of New Hampshire and served in the United States Coast Guard for 22 years. Learn more about William in his employee spotlight video: https://www.youtube.com/watch?v=97Ncw0JRt5A

Posts by William DePalma

CMMC & the Executive Order: A New Era for Shipbuilders

by William DePalma on May 2, 2025 at 2:23 PM

Shipbuilders CMMC

America’s shipbuilding renaissance is underway. On April 9, 2025, President Trump signed a sweeping executive order aimed at revitalizing the U.S. shipbuilding industrial base—an industry long seen as vital to both economic strength and national defense. At the same time, shipbuilders …

Read Story

Topics: Government CMMC News

Subcontractor Survival: Meeting Prime Contractor CMMC Requirements

by William DePalma on April 17, 2025 at 1:53 PM

CMMC Factory

The cybersecurity landscape for the defense industrial base (DIB) has shifted. With the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) 2.0 moving swiftly toward full enforcement, subcontractors are finding themselves under growing pressure — not only f …

Read Story

Topics: Compliance Government CMMC

Understanding SOC 2 Compliance & Vendor Management

by William DePalma on January 24, 2025 at 11:59 AM

SOC 2 Vendor Management

SOC 2 (System and Organization Controls 2) is a trusted auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It assesses an organization’s information systems against the Trust Services Criteria (TSC): security, availability, processing integr …

Read Story

Topics: Vendor Management Compliance SOC 2

New York Implements Stricter Hospital Cybersecurity Regulations

by William DePalma on October 15, 2024 at 5:06 PM

New Hospital Cybersecurity Regulations

On October 2, 2024, New York State implemented groundbreaking cybersecurity regulations specifically targeting the state’s general hospitals. These regulations are a significant step forward in safeguarding sensitive patient data and healthcare operations, marking a notable shift in h …

Read Story

Topics: Healthcare Security HIPAA PII News

HECVAT vs. SOC 2: Find Out the Difference

by William DePalma on October 10, 2024 at 3:30 PM

HECVAT vs SOC 2

Organizations today, particularly those handling sensitive data or offering IT services, must respond to mounting calls for transparency on security and compliance procedures. Two such frameworks that fulfill this need are the Higher Education Community Vendor Assessment Toolkit (HECV …

Read Story

Topics: Compliance SOC 2 Higher Education

Data: The Secret Sauce to Surviving Business Disasters

by William DePalma on September 18, 2024 at 12:30 PM

Data Center

More than money, information is the lifeblood of any organization. From customer records to financial reports, the data your business generates and stores is integral to its day-to-day operations. However, many companies overlook a critical aspect of managing this valuable resource: u …

Read Story

Topics: Compliance Cybersecurity
1 2 3

See all

See all

Subscribe by email