by John Verry | May 18, 2021 | ISMS Consulting
Reading Time: 4 minutes
Part of my day job is acting as Pivot Point Security’s CISO. In that role, I have participated in our ISO 27001 ISMS Internal Audit and our Registrar’s Surveillance Audit over the last two weeks. In the initial meeting, I always say...
by Jeremy Sporn | Sep 14, 2020 | ISO 27001 Certification
Reading Time: 2 minutes
Many organizations seeking ISO 27001 certification face other cybersecurity compliance audits as well, like SOC 2, ISO 27701, HITRUST, FedRAMP and/or CMMC. If that applies to your company, consider the benefits of...
by Richard Stever | Nov 7, 2019 | InfoSec Strategies
Reading Time: 2 minutes
Recently I had a hypothetical conversation with our marketing director about “what if” a spokesperson or responsible party for a government agency, local municipality, regulated organization or business of any size stood up in public...
by Kevin Hermosura | Oct 25, 2019 | Third Party Risk Management
Reading Time: 3 minutes
A SOC 2 attestation is a report from an independent auditor, which states his or her opinion of a company’s internal security and financial controls. SOC 2 doesn’t start with a detailed list of requirements that must be met and how...
by Ryan Buckley | Oct 9, 2019 | InfoSec Strategies
Reading Time: 3 minutes
If customers or other stakeholders are asking you for an information security attestation (my guess is they are), which of the leading frameworks do you pick—SOC 2 or ISO 27001? Both enable your organization to demonstrate your IT...
