Sign in Subscribe

GRC

How I built a Security Question & Answer Knowledge Base

How I built a Security Question & Answer Knowledge Base

A tool that I discovered and implemented in FormAssembly back in November

How I Built a Security & Compliance Reporting Process

How I Built a Security & Compliance Reporting Process

[UPDATED 2023-MAY-31: Just did our closing meeting ISO 27001 Audit and the

How I Structure a Policy Portal

How I Structure a Policy Portal

How I Structure Security Controls Portal

How I Structure Security Controls Portal

Main Page - Security Control: Identification & Authentication (IAC) Identification & Authentication

SOC 2: Pros and Cons

SOC 2: Pros and Cons

The SOC 2 framework is a set of standards and guidelines developed

ISO 27001: Pros and Cons

ISO 27001: Pros and Cons

The ISO 27001 framework is an internationally recognized standard that provides a

SOC 2: Importance of Stakeholders Collaboration

SOC 2: Importance of Stakeholders Collaboration

Involving all relevant stakeholders in the SOC 2 implementation process is essential

HIPAA Expected Evidence

HIPAA Expected Evidence

Click the link below to be redirected to the spreadsheet HIPAA Expected

Audit Principles and Concepts

Audit Principles and Concepts

Carve-out method Method of dealing with the services provided by a subservice

Evidence Gathering Recommendation: Adding TimeStamp To Screenshots

Evidence Gathering Recommendation: Adding TimeStamp To Screenshots

Install Timestamp App * https://github.com/mzdr/timestamp When Taking Screenshots Remember

Mapping Security Controls to the HITRUST framework

Mapping your security controls to the HITRUST Common Security Framework (CSF) is

SOC 2: Selecting a SOC 2 Auditor

SOC 2: Selecting a SOC 2 Auditor

Selecting a SOC 2 auditor is an important decision for any organization,