Compass IT Compliance Blog / Risk Assessment

Which Industries Benefit Most from Cybersecurity Risk Assessments?

Cybersecurity isn't just a concern for tech companies anymore. In today's interconnected world, every organization that handles digital data faces potential threats from hackers, ransomware, phishing attacks, and insider threats. While all businesses should prioritize cybersecurity, c …

What is TISAX Assessment Level 2.5 (AL 2.5)?

In the realm of automotive and industrial information security, TISAX (Trusted Information Security Assessment Exchange) plays a vital role in standardizing security assessments among partners and suppliers. One of its unique features is the concept of assessment levels, which determi …

SOC 1 vs SOC 2 Reports - What's the Difference?

As the landscape of modern business shifts, one thing becomes clearer: outsourcing is not just a fleeting trend, but a strategic move adopted by companies across industries. With this increasing reliance on third-party services, there emerges an unprecedented need for more rigorous me …

Building a Privacy Culture This Data Privacy Week

In 2022, data privacy became a hot topic as consumers became more aware of how their data was being tracked and used by companies. This was partly due to the efforts of companies like Apple to educate consumers about their privacy rights.

Using the HECVAT to Measure Vendor Risk

Not a day goes by without a conversation about third-party risk management. Our clients are being bombarded from all directions, asked by regulators, auditors, their clients, and customers alike to complete third-party risk assessments (SIG, CAIQ, HECVAT).

PCI DSS v4.0 ROC Changes – Coming Now to an Organization Near You!

The Payment Card Industry Data Security Standard (PCI DSS) version 4.0 is here! It has been released, the documents are available publicly for anyone who would like to read them, and forms for both the 900-pound level 1 Report on Compliance (ROC) and the Self-Assessment Questionnaires …
