.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
CJIS Security Policy v6.0: Key Changes & What They Mean
by Kelly O’Brien on February 10, 2025 at 2:15 PM
%20Security%20Policy%20v6.jpg)
The Criminal Justice Information Services (CJIS) Security Policy v6.0, released on December 27, 2024, introduces significant modernization efforts aimed at enhancing security, compliance, and risk management in handling Criminal Justice Information (CJI). As technology and cyber threa …
How Can I Hire a Virtual CISO For My Business?
by Jeffrey Torrance on February 4, 2025 at 3:15 PM
As cybersecurity threats continue to evolve, businesses—especially small and mid-sized enterprises (SMEs)—are increasingly recognizing the need for strong security leadership. However, hiring a full-time Chief Information Security Officer (CISO) may not always be feasible due to budge …
New PCI Requirements Released for SAQ A Merchant Validation
by Kyle Daun on February 3, 2025 at 11:49 AM
The PCI Security Standards Council (PCI SSC) recently introduced significant updates for merchants validating their compliance using Self-Assessment Questionnaire A (SAQ A). These updates, part of PCI DSS v4.0.1, reflect industry feedback and evolving security concerns, particularly t …
When SOC 2 Compliance Makes Sense
by Bernard Gallagher on January 28, 2025 at 3:51 PM
In today’s business landscape, security and trust are paramount. SOC 2 compliance has become a widely recognized standard for demonstrating a commitment to protecting sensitive data and maintaining robust security practices. Whether you’re working with enterprise clients, handling cri …
Understanding SOC 2 Compliance & Vendor Management
by William DePalma on January 24, 2025 at 11:59 AM
SOC 2 (System and Organization Controls 2) is a trusted auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It assesses an organization’s information systems against the Trust Services Criteria (TSC): security, availability, processing integr …
DoD Cloud Impact Levels Explained: IL2, IL4, IL5 & IL6
by Jake Dwares on January 15, 2025 at 12:59 PM
The security of information is a cornerstone of the Department of Defense's (DoD) operations. To safeguard sensitive data, the DoD has developed Impact Levels (ILs), a framework that categorizes information systems based on their sensitivity and the potential impact of a compromise. T …