.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
When SOC 2 Compliance Makes Sense
by Bernard Gallagher on January 28, 2025 at 3:51 PM
In today’s business landscape, security and trust are paramount. SOC 2 compliance has become a widely recognized standard for demonstrating a commitment to protecting sensitive data and maintaining robust security practices. Whether you’re working with enterprise clients, handling cri …
Understanding SOC 2 Compliance & Vendor Management
by William DePalma on January 24, 2025 at 11:59 AM
SOC 2 (System and Organization Controls 2) is a trusted auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It assesses an organization’s information systems against the Trust Services Criteria (TSC): security, availability, processing integr …
Quantum Computing & Encryption: What It Means for Security
by Nicholas Foisy on January 22, 2025 at 3:30 PM
Quantum computing is one of the most groundbreaking technological advancements of the 21st century. While its potential applications range from solving complex scientific problems to optimizing logistics, its implications for cybersecurity are profound. Specifically, the advent of qua …
RedNote App Privacy Concerns: TikTok Migration Meaning
by Peter Fellini on January 17, 2025 at 4:17 PM
As TikTok faces a looming ban in the United States, a new player has emerged on the social media stage: RedNote. Known as Xiaohongshu (Little Red Book) in China, RedNote has skyrocketed in popularity, especially among American users seeking alternatives. However, its meteoric rise com …
DoD Cloud Impact Levels Explained: IL2, IL4, IL5 & IL6
by Jake Dwares on January 15, 2025 at 12:59 PM
The security of information is a cornerstone of the Department of Defense's (DoD) operations. To safeguard sensitive data, the DoD has developed Impact Levels (ILs), a framework that categorizes information systems based on their sensitivity and the potential impact of a compromise. T …
SAS 145 and IT General Controls: What Organizations Need to Know
by Bernard Gallagher on January 13, 2025 at 2:30 PM
The release of SAS 145 (Statement on Auditing Standards No. 145) represents a significant shift in how auditors evaluate and respond to the risks of material misstatements, particularly in complex IT environments. As IT General Controls (ITGCs) underpin key financial processes and rep …