Most organizations have at least heard of SOC reports. Published and administered by the American Institute of Certified Professional Accountants (AICPA), the SOC umbrella of attestations helps organizations demonstrate adherence to best practices around data privacy, cybersecurity, risk assessment and financial reporting. 

Since SOC requirements come directly from the AICPA, the organization releases documents pertaining to guidance for audits and compliance. One of the primary documents for SOC compliance is Statement on Standards for Attestation Engagements no. 18 (SSAE 18). 

Read More

The Federal Information Security Act, or FISMA, is a comprehensive cybersecurity law that has a widespread impact on federal agencies, state agencies handling federal programs and contractors and service providers working with these agencies. As such, its effect is wide-ranging, and FISMA requirements often overlap or inform other, more specific compliance frameworks.

However, at its core, FISMA dictates some of the basic and most fundamental cybersecurity practices that governed organizations must adhere to. Learn more about what it means to meet FISMA compliance. 

Read More

In November 2020, California voters approved Proposition 24, including the California Privacy Rights Act, or CPRA. This law amends and expands regulations under the original California Consumer Privacy Act (CCPA). 

One question that affected businesses asks is, “how can I prepare for CPRA compliance?” With the law taking effect on January 1, 2022, the clock is ticking, and many organizations are looking for ways to complete final compliance preparations. 

Here, we will talk about some of the basic steps for CRPA compliance. 

Read More