Introducing my personal CWRF Security and Compliance Maturity Model: From Crawling to Flying
Organizations must evolve their strategies to stay ahead of emerging threats and
compliance
How I Built a Security & Compliance Reporting Process
[UPDATED 2023-MAY-31: Just did our closing meeting ISO 27001 Audit and the
ISO 27001:2022
The new version of ISO 27001 will be released sometime in the
SOC2 Workstation Policy
Loading...
Building SOC2 Security Program (High Level) Roadmap
This is assuming you are starting from scratch and covering only SOC
ISO 27001 Statement of Applicability Template
Template for your ISO 27001 program.
Loading...
SOC2 Evidence - Population Lists
Sample of possible population lists from an auditor
* List of all in-scope
SOC2 Readiness Checklist
* [ ] Annual Meetings
* [ ] Background Check Process
* [ ] Employee Handbook
* [ ] Employees Acknowledgement
* [ ] Documented Charter
* [ ] Performance
Building ISO 27001 Security Program (High Level) Roadmap
This is assuming there isn’t any certifications or audits completed for
SOC 2 Documentation and Evidence Collection Spreadsheet
This Spreadsheet you can use to prepare for a SOC2 Audit.
Loading.
Building a Policy Portal: Part 1 -Typical Types of Policies
In this first part of a series on building a policy portal
Linux Security: Performing a Compliance Scan and Active Remediation Using OSCAP
Install the Necessary Packages
1. Become root
* sudo su
2. Install the
