Ostendio Expands MyVCM Auditor Connect Marketplace with
A-LIGN Partnership

Reposted with permission, Ostendio Inc.

ARLINGTON, Va. – September 28, 2020 – Ostendio Inc., a leading provider of integrated risk management software, and A-LIGN, a security and compliance provider, today announced that A-LIGN is joining the MyVCM Auditor Connect™ marketplace offering customers more choices in their third party security and risk management audit firms. Continue reading “Ostendio Expands MyVCM Auditor Connect Marketplace with
A-LIGN Partnership”

The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach

“Don’t swap horses in the middle of the stream.” – Abraham Lincoln

The emergence of automated security and compliance solutions still leaves organizations with a problem: these point solutions are unable to provide independent third-party certification. Continue reading “The A-LIGN Advantage: Unify Your Audit Experience across Multiple Standards with a Single-Provider Approach”

SOC Report Types: What You Need to Know

Organizations cannot afford to leave their clients’ trust to chance. They face complex pressures from customers, regulators and cyberattacks to implement appropriate controls within their environments to protect customer and proprietary data. Continue reading “SOC Report Types: What You Need to Know”

The New Normal:
Fully-Enabled Remote Audits

The new normal is anything but normal, but before we join in the chorus of “uncertain times” let’s take a moment to reflect on how standards organizations have responded to COVID-19 to enable remote audits so that organizations can continue to demonstrate trust. Continue reading “The New Normal:
Fully-Enabled Remote Audits”

SOC 2 Examinations for Colocation Service Providers

The framework and criteria for a SOC 2 examination are flexible and can be applied to many entities, including service organizations who work with an entity to provide a particular type of services (e.g. data backup services, cloud hosting services, managed IT services, incident management services, change management services, network security services, etc.). Continue reading “SOC 2 Examinations for Colocation Service Providers”

Take An In-Depth Look at the SOC 2 Audit Process

Understanding the purpose and examination process of a SOC 2 audit can be confusing for first-time users and experienced customers alike. A simple Google search can give you the basics of a SOC 2 audit, but that generalized knowledge is only the beginning.

Continue reading “Take An In-Depth Look at the SOC 2 Audit Process”

Which Compliance Audit is Right for Me?

When it comes to compliance audits, one should never follow the “one-size-fits-all” mentality. The type of audit you need often depends on your organization’s industry, specific client requests or type of data stored. Continue reading “Which Compliance Audit is Right for Me?”

SOC 1 or SOC 2: Which Is Right for My MSP?

Managed service providers (MSPs) provide a valuable service by enabling companies of all sizes to outsource their key information technology processes. Many of those companies who look to engage an MSP ask whether a SOC 1 or SOC 2 Examination has been completed to assess the MSP’s security posture.

Continue reading “SOC 1 or SOC 2: Which Is Right for My MSP?”

Top Tips for Effective Audit Preparation

For any organization that stores, interprets and manages sensitive data, complying with cybersecurity requirements is of utmost importance. The most comprehensive way to test the strength and effectiveness of these systems is through a compliance assessment. Beginning this process, however, is no easy feat. Continue reading “Top Tips for Effective Audit Preparation”