Posts

Insights, notes, and observations from RISCPoint's team of highly-credentialed security and compliance experts.

Posts in category 'Third Party Reporting'

3 Major Benefits of a HITRUST Certification

January 25, 2022
The world of security regulations can often feel like alphabet soup, especially when it comes to healthcare. With HIPAA, HITECH, GDPR, NIST, FTC, ISO, COBIT, and PCI being just some of the regulations companies are recommended – or required – to comply with, you may be wondering if there’s another acronym to add to your list: HITRUST.
Decoding the Five SOC 2 Trust Services Criteria

February 15, 2021
Given the shifting security landscape, SOC 2 reports will only accelerate their role as a prerequisite for conducting business. As such, it's critical for organizations to understand the 5 categories of Trust Services Criteria, in order to determine which to include in their respective auditing processes.
Cross Platform Segregation of Duties: The Next Key Report Crisis

February 2, 2021
When the PCAOB’s Staff Audit Practice Alert No. 11 was released in 2013, it disrupted the entire audit industry, reverberating throughout public companies and the entire internal controls landscape. While eight years have already passed since Staff Audit Practice Alert No. 11 was introduced, current Segregation of Duties controls are poised to face the same level of scrutiny from the PCAOB in this decade.
How To Achieve Compliance Across Multiple Controls Frameworks

January 10, 2021
Juggling the increasing complexity and volume of compliance requirements can be a daunting task for any organization. More than ever, organizations are being scrutinized more closely by their clients through an increasing list of compliance obligations, including SOC 2 Attestation Reports, ISO/IEC 27001:2013 Certification Reports, HITRUST, HIPAA, FedRAMP, and the list goes on. To help your organization in making these determinations, RISCPoint has developed this guide to identify the best practices in implementing a cohesive compliance framework for your organization.
SOC for Supply Chain, Explained

November 30, 2020
The digital revolution has granted unparalleled access to increasingly better technology, while empowering businesses and consumers alike. These technological advancements have bridged traditional gaps between entities, vendors, and consumers, bringing them closer together than ever before. As this interconnectivity grows, so does the potential for supply chain risk.
Avoiding the pitfalls of turnkey compliance solutions

November 17, 2020
Artificial intelligence, data analytics, and machine learning have advanced the security and compliance space. These technologies have enabled businesses to better protect information and systems, and have helped auditors better understand environments and perform audits more efficiently, but they bring their own challenges.
SOC 2 Checklists

October 14, 2020
SOC 2 (System and Organization Controls) reports are becoming a prerequisite for competing in the marketplace. Most companies struggle to meet the SOC 2 compliance requirements, purchase templates that fall short during an audit, or hire firms that force them into predetermined best practices. RISCPoint understands these pain points and has put together this SOC 2 compliance checklist to help your organization succeed with its compliance initiative.
