.webp?width=2169&height=526&name=Compass%20regular%20transparent%20website%20(1).webp "Compass IT Compliance Logo")
-1.webp?width=2169&height=620&name=Compass%20regular%20transparent%20website%20smaller%20(1)-1.webp "Compass IT Compliance")
SSAE 16 SOC 2 Reports: What Are They?
by Geoff Yeagley on February 18, 2016 at 12:28 PM
The SSAE 16 process, on the surface, sounds confusing. Most of this has to do with the terminology that is used, particularly the similarity of the terms used. In this blog post we are going to cover what the SSAE 16 is, what the different SOC Reports, what are the different types of …
IT Risk Assessments and the SANS Top 20 - Part III
by Geoff Yeagley on February 16, 2016 at 10:56 AM
As we continue down our journey of discussing the importance of the SANS Top 20 Critical Security Controls, I want to make one important clarification that was brought to my attention by one of the readers of our blog. It should be noted that the controls that we are referring to in t …
IT Risk Assessments and the SANS Top 20 - Part II
by Geoff Yeagley on February 9, 2016 at 10:00 AM
We are in part II of the blog series that we are doing on the SANS Top 20 Critical Security Controls (CSC) and why organizations are using these controls as a foundation for their IT Risk Assessments. This week we are going to cover CSC's 6 through 10 and provide a little overview of …
IT Risk Assessment and the SANS Top 20 - Part I
by Geoff Yeagley on February 2, 2016 at 10:30 AM
Last week we discussed the SANS Top 20 Critical Security Controls (CSC), what they are, and where they came from. This week we are going to start to dig into a handful of the Critical Security Controls to discuss what they are and why these controls are so important. In fact, industry …
IT Risk Assessments and the SANS Top 20
by Geoff Yeagley on January 26, 2016 at 10:14 AM
No matter what industry you are in, conducting a thorough IT Risk Assessment is critical to your organization for a number of reasons. First, it gives you a point in time measurement of how your IT Security posture compares to either various regulations or IT Security Frameworks.
IT Security in 2016: What Comes Next?
by Geoff Yeagley on January 5, 2016 at 10:00 AM
The last several years in IT Security have been full of surprises as well as the fulfillment of predictions that have been made. If you recall back to 2014, the famed credit card breaches that took place were predicted by most and ultimately held true to form. We had a rash of major b …