Blog
Page 37 of 153
What Are NIST Controls and How Many Are There?
The National Institute of Standards and Technology is a U.S. government agency that publishes cybersecurity frameworks organizations can use to strengthen their internal controls and compliance programs. Its most notable framework is NIST Special Publication 800-53, which contains more than 900 unique controls across 18 larger “control families.” NIST controls are meant to […]
Tags: Audit Management, NIST
October 30, 2023
What Does ISO Certification Cost?
Certifying your compliance with ISO standards for cybersecurity, quality management, and other good business practices can be a great way to demonstrate your organization’s commitment to superior performance. ISO certification means that a third party has independently validated that a company conforms to a set of standards established by the International Standards Organization. The ISO […]
Tags: ISO
How do I Prepare for an ISO Surveillance Audit?
An ISO (International Organization for Standardization) surveillance audit is an occasional review of a company’s quality management system or information security management system (ISMS) by an accredited auditor, to confirm that the company still meets ISO standards after it has already achieved ISO compliance at some point in the past. To put it more […]
Tags: ISO, Technology
How Much Does a SOC 2 Audit Cost?
SOC 2 audits inspect the security controls of vendors and service providers. (“SOC” itself is an abbreviation of System and Organization Controls for Service Organizations.) It’s reasonable to ask how much a SOC 2 audit might cost, but every SOC 2 audit is unique — which means that nobody can give a single, universal estimate […]
Tags: Audit Management, SOC
What is Calculated Risk in Business?
Every business decision involves an element of risk. Management’s job is to assess that level of risk as best as possible, and to weigh that risk correctly against the potential rewards. That risk-versus-reward equation is the basis for taking calculated risks, often referred to as your “risk-adjusted return on investment.” So how should an executive […]
Tags: Risk Management
September 15, 2023
What is a Compliance Risk Assessment?
As global data privacy and cybersecurity regulations continue to proliferate, the pressure for organizations to manage compliance risk grows. And the first step in your journey to better compliance risk management is the compliance risk assessment. In this article we will explain what a compliance risk assessment is, how you undertake one, and how to […]
Risk Quantification in Compliance
Risk management helps organizations to comply with applicable laws, regulations, and operational standards, and to approach “continuous compliance” as much as possible. To manage compliance risk, however, the first step is a risk assessment that quantifies the risk you face. So how does a company do that accurately and efficiently? To answer that question, we […]
Tags: Compliance, Risk Management
Mixpanel Sees Swift Value from ZenGRC
Discover how Mixpanel, a leading product analytics software company, leaned on Reciprocity’s Onboarding Services, resulting in an efficient implementation, fast adoption and a streamlined SOC audit. All Eyes on SOC Prize: When Mixpanel’s security team was tasked with completing its first SOC Audit, the team got it done. While it was successful, it wasn’t exactly […]
September 14, 2023
Aera Technology Drives Compliance Efficiency with ZenGRC
Discover how Aera Technology, a cognitive automation company, rapidly ramped up its enterprise-level certifications, including SOC, HIPAA and ISO, leveraging automation, one-to-many control mapping and program-wide visibility with ZenGRC. Results: Rapidly scaled compliance and risk program — without adding headcount; conducted audits for 5 compliance frameworks simultaneously; created foundation to enable easy addition of new […]
September 12, 2023