Audit

reciprocity

Audit Checklist for Social Compliance

A social compliance audit, also known as a social audit, is an effective way to determine if an organization is complying with socially responsible principles. Social compliance refers to how a company protects the health and safety as well as the rights of its employees, the community, and the environment where it operates in addition to the lives and communities of workers in its distribution chain and its supply chain.

victorops

Using Data and Automation to Help Engineering Teams Avoid Coronavirus

Nothing seems to unite humans more than this widespread virus epidemic. COVID-19, the current coronavirus, is top of mind for everyone right now – and it’s something we wish we didn’t have to think about. As cases grow, people are already thinking about ways to keep themselves, coworkers, friends and family out of harm’s way. The easiest answer is to limit the amount of travel and human contact. But, as they say in show business, the show must go on.

tripwire

NERC CIP Audits: Top 8 Dos and Don'ts

My time at NERC had me involved with quite a few projects over my seven-year career there. I was involved with CIP compliance audits, investigations, auditor training, and many advisory sessions. Typically, I was advising entities across North America on different tactics, techniques, and insight from best practices I have seen. I wanted to share a few of the dos and don’ts during my experience out in the field.

Using Big Data In Auditing And Analytics

In a business environment characterized by repeated slow growth, uncertainty, and disruption, organizations face bigger challenges than ever in creating sound risk management strategies. For many firms, analytics and auditing are crucial to maintaining an agile, profitable, and competitive framework.

reciprocity

Preparing for an ISO 27001 and 27002 Audit

Getting your certification for ISO 27001 is a complex and time-consuming endeavor. But for many organizations, it’s worth the effort. That’s because ISO 27001 is the international standard for Information Security Management System (ISMS). Being able to say you’re “ISO 27001 certified” tells stakeholders that your organization is serious about protecting the security and privacy of their information.

reciprocity

How To Minimize The Scope of Your PCI DSS Audit

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) and its 281 directives can be a time-consuming hassle. Fortunately, there are ways to minimize your PCI DSS scope, saving time and resources for your organization and auditor, and ratcheting down your stress levels. Larger organizations—those processing more than 1 million credit-card transactions annually—may need two years to reach initial PCI DSS compliance.

reciprocity

Internal Audit Checklist for Your Manufacturing Company

The manufacturing industry faces increasing scrutiny from regulatory agencies. As cybercriminals increasingly target SCADA system weaknesses, an organization’s cybersecurity posture becomes more important to its ability to protect data and obtain important contracts. Starting with a security-first approach to cybersecurity often protects data, but to meet compliance requirements, the organization needs to document the effectiveness of its internal controls.

reciprocity

Continuous Auditing vs Continuous Monitoring

Monitoring is an established component of the information security process which goes hand in hand with auditing. Auditing is used to document an organization’s compliance activities. Where monitoring protects the data by responding to threats, auditing provides proof of a continued compliance effort. By taking a “security-first” approach, companies can use continuous auditing and monitoring to provide evidence of their cybersecurity protections.

How to Measure Internal Audit Performance

Ever-increasing cybersecurity threats have made data security a staple in all businesses that transmit, manage, or store sensitive data. However, many companies struggle with security when it is time to carry out IT audits. To determine the effectiveness of your risk management program, it is crucial to measure your organization's internal policies against the recommended industry standards and regulatory requirements.