by John Verry | May 11, 2018 | Penetration Testing
Editor’s Note: This post was originally published in September 2015 and has been updated for accuracy and comprehensiveness. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on security attestation have been including... by John Verry | Sep 9, 2014 | ISO 27001 Certification
What is the most efficient way to get ISO 27001 certified if you already have your SOC 2 attestation? It’s not uncommon for an organization that had previously used (somewhat incorrectly) SAS 70 as its primary means of demonstrating its security posture to have... by John Verry | Oct 17, 2013 | ISMS Consulting
Increasingly we are seeing organizations that are deciding to use both ISO-27001 and SOC2 to demonstrate their commitment to information security. Most frequently this is driven by differing contractual requirements imposed upon them by their clients. Fortunately, if...
