5 Steps to ISO Certification

5 Steps to ISO Certification

What are the steps to ISO certification? Our assessors have completed assessments against several International Organization for Standardization (ISO) standards, and can provide your organization on insights on the process for achieving ISO certification.

Read More

The Advantages of Accredited ISO 27001 Certifications

To protect the sensitive data within an information security management system (ISMS), organizations should consider the comprehensive information security standard, published by the International Organization for Standardization, ISO 27001. This audit is a standardized-industry approach used to define and validate the processes and controls of an ISMS. Before conducting the ISO 27001 audit, an organization […]

Read More

SOC 2 vs. ISO 27001: Which is the Right Assessment for Your Organization?

Companies continue to struggle with the decision between selecting the SOC 2 examination or ISO 27001 certification.  Often customer contracts require either audit or competitors have one or the other.  Although these security standards serve a similar purpose, there are some key decision factors that may help your organization determine the appropriate assessment based on […]

Read More

Becoming Certified to Access the Limited Access Death Master File

What is the Limited Access Death Master File (LADMF)? The LADMF, or Limited Access Death Master File, contains sensitive information that cannot be disclosed during the three-year period following an individual’s death, including: Social Security Number Name Date of Birth Date of Death Read now: [Whitepaper]: Cyber Defense Guide 2017 – Part 1 Effective November […]

Read More

Family Affair: Using ISO 27001 to conform to ISO 27017 and ISO 27018

ISO 27000 Family – Information Security Management Systems The ISO 27000 family of standards is related to an organization’s information security management systems, or ISMS. This international standard helps organizations by providing a clear set of requirements that can be used to manage the security of the business’ assets. An ISMS is a systematic approach […]

Read More

FedRAMP vs. FISMA: Choosing the Right Standard for Your Federal Clients

When pursuing federal clients or servicing existing federal clients, there are a number of unique compliance needs due to the sensitivity of the federal information. Standards such as FedRAMP and FISMA exist to create consistent security standards for organizations seeking federal agency clientele. FISMA, or the Federal Information Security Management Act of 2002 is the […]

Read More

FISMA Certification: Understanding Low, Moderate and High-Impact Systems

FISMA, or the Federal Information Security Management Act of 2002, assesses the controls outlined in NIST 800-53. You can review those requirements in Figure 1, below. One of the benefits of FISMA is that it provides different implementation options depending on the levels of potential impact for an organization or individual if there were a […]

Read More

5 Tips to Enhance Your Password Security

iso-27001-blue

A password is designed to protect our personal information and accounts, but how are the passwords that you are using making it easier for hackers to access your accounts? Our experts have analyzed numerous passwords and why they don’t fit the security criteria. Here are some actionable tips for you to easily increase the security […]

Read More

FedRAMP: Outline of Timeliness and Accuracy of Testing

As FedRAMP continues to emphasize the FedRAMP Accelerated program, which is meant to reduce approval time for the Joint Authorization Board (JAB), they have released additional guidance on the Timeliness and Accuracy of Testing Requirements. FedRAMP Timeliness and Accuracy of Testing There are three categories associated with testing in the authorization package: Penetration Testing Vulnerability […]

Read More

Vulnerability Scan vs. Penetration Test: What’s the Difference?

What is the difference between a penetration test and a vulnerability scan? Is a penetration test a vulnerability assessment? Is a vulnerability scan a penetration test? Which one does my organization need? As organizations prepare to meet their security needs, determining which service your organization requires depends on the purpose of each project. Vulnerability Scan […]

Read More