.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
NIST AI Risk Management Framework Explained
by Jerry Hughes on December 20, 2024 at 11:00 AM
Artificial intelligence (AI) is transforming industries, but with its rapid adoption come risks that organizations must address to ensure safe and ethical use. The NIST Artificial Intelligence Risk Management Framework (AI RMF), developed by the National Institute of Standards and Tec …
Here's Why Your Car Dealership Needs Cybersecurity
by Nicholas Foisy on December 9, 2024 at 2:10 PM
In previous blogs, we’ve explored TISAX and the cybersecurity challenges facing the automotive supply chain. However, there’s another critical area in the automotive sector increasingly targeted by cybercriminals: auto dealerships. As the backbone of vehicle sales and services, dealer …
What Is a SOC 1 Audit? A Guide to the Report
by Jerry Hughes on December 5, 2024 at 4:18 PM
When it comes to demonstrating trust and reliability to clients, few tools are as powerful as a SOC 1 report. These reports play a pivotal role in showcasing an organization’s commitment to safeguarding financial data and maintaining robust internal controls.
What Is a C3PAO in CMMC?
by Kyle Daun on December 2, 2024 at 1:45 PM
In today’s cybersecurity landscape, organizations that work with the U.S. Department of Defense (DoD) must adhere to stringent security standards to protect sensitive information. A critical component of achieving compliance with the Cybersecurity Maturity Model Certification (CMMC) i …
The Importance of SOC 1 Reports in 401(k) Audits
by Jerry Hughes on November 22, 2024 at 12:00 PM
401(k) plan administrators manage crucial financial transactions, including contributions, distributions, loans, and account reconciliations. Errors or fraud in these activities can have significant financial implications for plan sponsors (employers) and participants (employees). A S …
PCI DSS 4.0 Password Requirements: A Guide to Compliance
by Derek Boczenowski on November 20, 2024 at 2:16 PM
As cyber threats evolve, ensuring the security of sensitive payment card data has become increasingly crucial for businesses across all industries. The Payment Card Industry Data Security Standard (PCI DSS) was introduced to provide a framework for safeguarding payment card data. The …