San Francisco, CA, USA
Nov 19, 2020   |  By Reciprocity Labs
Prevention, they say, is better than cure. Most companies have put in place stringent data security measures to prevent any kind of breach. However, following recent security breaches of tech-savvy giants like Twitter, Target, and Gmail, it's clear that no company is 100% immune to a breach. Therefore, businesses must draw an action plan for handling a data breach should the security and prevention measures fail. Here's a comprehensive data breach response guide every company should implement when the situation calls for it.
Oct 19, 2020   |  By Reciprocity Labs
While risk management can be draining, it offers crucial lessons that enable managers to implement projects efficiently. If you undertake a thorough risk analysis before any project, you'll identify all the gaps and create mitigation strategies. This way, you'll save time and resources.
Sep 1, 2020   |  By Thea Garcia
Not long ago, we’d say “slack” to describe not working, as in “slacking on the job.” With the advent of the Slack app, though, the term has become synonymous with productivity. And Slack’s ability to work in tandem with hundreds of applications makes this popular team communication and collaboration tool even more useful.
Sep 1, 2020   |  By Tricia Scherer
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our September 2020 roundup of recent compliance news from around the United States and around the world.
Aug 27, 2020   |  By Reciprocity Labs
In recent years, both large and small organizations have been affected by data breaches. Business owners, C-suite executives, and CIOs face the reality that they can be a target of security breaches at any time. These incidents can jeopardize your organization's credibility besides leading to financial and productivity losses.
Aug 27, 2020   |  By Tricia Scherer
Because of additional regulations and standards pertaining to information security, including Payment Card Industry Data Security Standard (PCI-DSS), the General Data Protection Regulation (GDPR), Sarbanes-Oxley (SOX), the Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and ISO 27001, organizations are putting more emphasis on compliance as well as the auditing of their cybersecurity policies and cybersecurity controls.
Aug 25, 2020   |  By Tricia Scherer
Compliance testing, also known as conformance testing, is a periodic, independent, and objective assessment of compliance-related processes and/or controls. The goal of compliance testing is to determine whether the elements, processes, and controls of your compliance program are designed appropriately and operating as designed. Compliance testing follows an established process and plan as well as a risk-based approach.
Aug 20, 2020   |  By Dave Schmoeller
Each month, Reciprocity highlights companies that have earned compliance certifications for information security frameworks. Here’s our August 2020 roundup of compliance news from around the United States, and around the world.
Aug 18, 2020   |  By Tricia Scherer
During an internal International Organization for Standardization (ISO) audit, your company assesses its quality management system (QMS) to determine if it complies with ISO 9001. Companies use the ISO 9001 standard to demonstrate that they can consistently provide products and services that meet customer needs and regulatory requirements. Organizations also use ISO 9001 to demonstrate that they are continually improving their products, services, and processes.
Aug 13, 2020   |  By Sherry Jones
If your company is a service organization and your customers trust you with their data, you may need to pass a SOC 2 (System and Organization Controls 2) audit. Compliance and certification are the goals of a SOC 2 audit. Because the integrity, confidentiality, and privacy of your customers’ data are on the line, they’ll want you to prove that you have the internal controls in place to protect that data. The SOC 2 compliance audit gives them that assurance.
Aug 24, 2016   |  By Reciprocity
Watch how ZenGRC makes compliance easier for your compliance manager.
Aug 9, 2016   |  By Reciprocity
Watch how ZenGRC makes compliance easier for your compliance manager.
Jul 28, 2016   |  By Reciprocity
While Microsoft Excel is flexible and powerful, it’s not designed to track compliance initiatives. Some companies can get away with using an Excel spreadsheet for simple compliance requirements. However, as your organization matures, the need for compliance software will quickly grow.
Jan 29, 2019   |  By Reciprocity Labs
Get best practices for purchasing and implementing a GRC software tool and get tips on how to leverage your tool for ongoing success.
Jan 29, 2019   |  By Reciprocity Labs
In an increasingly litigious society, you need technology that allows you to create business strategies based on these risks so that you protect your organization from the mistakes others make.
Jan 1, 2019   |  By Reciprocity Labs
This paper explores several dimensions of Vendor Risk Management. First, why are vendor risks proliferating—why now, and where do they come from? Second, what steps are necessary to manage vendor risks? And third, how can CISOs and compliance officers implement those steps in a practical way, so you don’t spend all your time chasing vendors with risk management protocols?
Jan 1, 2019   |  By Reciprocity Labs
Learn how to scope PCI-DSS requirements for your business.
Dec 1, 2018   |  By Reciprocity Labs
When companies first determine they need a formal compliance program, many are unclear if they need a compliance tool to manage it. Many companies turn to Microsoft Excel as the compliance tool of choice when first undertaking a GRC program. This eBook covers where Excel makes sense and how to know when your program has outgrown Excel.
Dec 1, 2018   |  By Reciprocity Labs
Compliance is a process, and you need to understand the right steps to take at the right time. This eBook provides a roadmap for understanding where you fit on the compliance spectrum, how to measure trade-offs between growth and compliance, and practical tips for dealing with auditors as you move through the compliance process.
Nov 1, 2018   |  By Reciprocity Labs
Struggling with GRC? It's Time to Take Charge. Learn how ZenGRC can help you solve your biggest compliance headaches.
Nov 1, 2018   |  By Reciprocity Labs
Find out how to simplify your compliance program and maximize your return on investment with this eBook.

ZenGRC -- the first, easy-to-use, enterprise-grade information security solution for compliance and risk management -- offers businesses efficient control tracking, testing, and enforcement.

ZenGRC is the SaaS remedy for legacy GRC heartburn. ZenGRC streamlines control management to provide tangible value because it speeds up audit and vendor management tracking and consolidates risk mitigation tasks. Since ZenGRC only takes 6-8 weeks to implement, you can speed compliance, allowing your teams to focus on security work while saving time on mundane tasks, keeping you safer.

Power Up Your Team and Accelerate Time to Value with ZenGRC:

  • Simple Deployment: Rapidly deploy a risk management and compliance program so you can focus on the security in information security compliance.
  • Unified Control Management: Map controls across multiple frameworks for visibility into defense mechanism strengths and weaknesses.
  • Centralized Dashboard: Access key metrics to build a compliance program that responds to the protection your information security program provides.

Compliance and Risk Management Made Simple.