.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
What is Phishing? Attack Techniques & Examples
by Geoff Yeagley on August 17, 2016 at 9:38 AM
Ransomware has dominated the news recently when it comes to IT Security. In fact, it was recently reported that 1 out of 5 companies that suffers a Ransomware attack ends up going out of business at least temporarily and 30% of affected companies lost revenue. Now we turn to the quest …
Moving From SSAE 16 to SSAE 18....
by Mike Mellor on August 11, 2016 at 11:35 AM
This is a guest post that was co-written by Mike Mellor, CPA and Nina Drury from DiSanto, Priest, & Co. in Warwick, RI. DiSanto, Priest, & Co. is a professional advisory firm that has been in business for over 50 years providing a range of services to their clients. These serv …
IT GRC - Compliance
by Geoff Yeagley on August 2, 2016 at 11:34 AM
Over the past week we have been discussing an overview of IT Governance, Risk, and Compliance as well as diving into each of the components that make up this program. Today we are going to talk about the final piece of the IT GRC puzzle: Compliance.
IT GRC - Let's Talk About Risk!
by Geoff Yeagley on July 28, 2016 at 10:18 AM
Earlier this week we discussed IT Governance, Risk, and Compliance (IT GRC) with a specific focus on IT Governance. To read more of that post, click here. Today we are going to focus on the second component of IT GRC, IT Risk. In keeping with consistency, Gartner defines IT Risk as "t …
IT GRC - What is IT Governance?
by Geoff Yeagley on July 26, 2016 at 10:00 AM
In the world of Information Security, acronyms are a way of life. In fact, we often refer to all these different acronyms as "alphabet soup." Keeping track of what they all mean and what they stand for can be challenging. With that in mind, over the next 3 blog posts, we are going to …
SSAE 16 SOC 2 Report: The 5 Trust Principles
by Geoff Yeagley on July 20, 2016 at 10:00 AM
Over the past several weeks, we have been digging in to the SSAE 16 SOC 2 reports. We have looked at what a SOC 2 report is, the differences between a Type I and Type II report, and why the Section III is so important. This week we are going to look at what are called the 5 Trust Serv …