Compass IT Compliance Blog

Where to Start with PCI Compliance: The PCI Compliance Checklist

by TJ Quirk on July 23, 2015 at 2:14 PM

Navigating the complexities of PCI Compliance can be challenging and time consuming, especially if it is your first time going through the process. What do you need to do to become PCI compliant and what is your plan for getting started? These are questions that are often asked that c …

Read Story

What is a PCI ROC?

by TJ Quirk on July 21, 2015 at 9:32 AM

Often times we hear terms that are thrown around like PCI Risk Assessment and PCI Report on Compliance (ROC). Are you often struggling to understand the difference between these requirements and if / when you’re required to complete them? The good news is that you’re not alone and hop …

Read Story

How Vendor Management Software Can Help with Regulatory Compliance

by Geoff Yeagley on July 14, 2015 at 9:34 AM

Read Story

Security Awareness Training is No Joke!

by Derek Boczenowski on June 23, 2015 at 9:51 AM

Without a doubt, almost every type of IT audit contains a section on security awareness training. And in many companies, it is a weakness that can be exploited easier than trying to hack a firewall or compromise a server. In many cases, it can be as easy as sending an email or making …

Read Story

A Key To Your Risk Management Strategy: Cybersecurity Insurance

by Geoff Yeagley on June 16, 2015 at 10:34 AM

I went to a conference back in October and the keynote speaker was a former NSA Director. He made a brilliant point during his presentation that was as follows: There are two types of companies, one that has been breached and the other is the one that has been breached but doesn’t kno …

Read Story

Security Awareness Training: The First Line of Defense

by Adam Cravedi on June 3, 2015 at 10:29 AM

Compass IT security auditors are often asked if there is a single “most important” factor involved in safeguarding a business’s data assets.

Read Story