The Federal Information Security Management Act (FISMA) was originally released in December 2002 and established the importance of information security principles and practices within the Federal Government, noting that information security was “critical to the economic and national security interests of the United States.
Now that 2016 has come to a close and we have started 2017, I wanted to take a moment to review some of the information security stories from last year, and provide some insight on how you can protect yourself from them in 2017 since those issues are not going away any day soon.
A SOC (Service Organization Control) report is a report on controls at a service organization related to various types of subject matter, for example: controls that affect user entities’ financial reporting; controls that affect the security, availability, and processing integrity of the systems; or the confidentiality or privacy of the information processed for user entities’ clients.
Have you ever thought about what you would do if someone obtained access to all the information you stored electronically?
Type II engagements (for both SOC 1s and SOC 2s) require walkthroughs and testing of the controls in place at the service organization to be able to opine on the suitability of the design and the operating effectiveness during the period under review.
The Privacy Times. Privacy is a daily news topic with staying power as strong as we have ever seen it. Searching for the word “privacy” on any reputable news site will generate articles containing the day’s wide-ranging contributors—from Germany’s data protection authority ordering Google to change its data collection practices; to continued criticism of the U.S. […]
Healthcare providers, payers, exchanges, and many service providers to the healthcare industry are under increased pressure to demonstrate their compliance with the security and privacy requirements of HIPAA.
Many U.S. companies receive what, until recently, were called SAS 70 audit reports from certain types of vendors.