by Kevin Hermosura | Jan 23, 2020 | CCPA
Reading Time: 2 minutes
The California Consumer Privacy Act (CCPA) went live on January 1st, 2020 and applies to any company (e.g., yours or your vendors’) that collects or provides the personal information of California residents and meets one or more of... by Kevin Hermosura | Jan 21, 2020 | Third Party Risk Management
Reading Time: 2 minutes
The Standardized Control Assessment (SCA) tool is provided by the Shared Assessments program. It’s part of their “Trust but Verify” model, where the Standardized Information Gathering (SIG) Questionnaire is the “Trust” portion and... by Kevin Hermosura | Dec 13, 2019 | Third Party Risk Management
Reading Time: 2 minutes
Managing vendor risk effectively can demand significant planning and resources. Many small to medium sized businesses (SMBs) lack the expertise and employee bandwidth to tackle the problem in-house, so they’ve put off addressing it.... by Kevin Hermosura | Nov 15, 2019 | Third Party Risk Management
Reading Time: 2 minutes
A disturbing fact that often comes to light in conversations with clients and prospects is that IT and information security teams don’t know what vendors their company is sharing sensitive data with. Sure, they can name their most... by Kevin Hermosura | Oct 25, 2019 | Third Party Risk Management
Reading Time: 3 minutes
A SOC 2 attestation is a report from an independent auditor, which states his or her opinion of a company’s internal security and financial controls. SOC 2 doesn’t start with a detailed list of requirements that must be met and how...
